Results 1 to 6 of 6
  1. #1
    Join Date
    Nov 2011
    Posts
    413

    Unanswered: Automate Code for Form Access

    I have been trying to think of a way to automate this process for a while. Maybe it can't be done or maybe I can't see the forest because of the trees!
    Right now the code is hard coded using the OnClickEvent for each command button on the Main Menu.


    I have my Login form and after logging in the form becomes hidden.
    Then depending on other criteria you are brought to a Main Menu.
    txtUserID is the User Name and txtstatus is the form name to NOT allow access to.

    2 unbound text boxes on Main Menu form. Login form is hidden after logging in.
    Me.txtUserID = Forms![frmLogin]![txtUserID]
    Me.txtstatus = DLookup("[fAccess]", "tblfrmList", "[userID]='" & Me.txtUserID.Value & "'")
    If Me.txtstatus = 1 Then
    Call MsgBox("Sorry, you do not have access to this form, Please Contact your System Administrator for details.", vbExclamation, Application.Name)
    Exit Sub
    End If

    tblfrmList
    frmListID Primary Key
    userID Text User Name.
    frmName Text Form Name to Retrict Access to.
    fAccess Number User Has Access to this Form? -1 is True, 1 is False.

  2. #2
    Join Date
    May 2005
    Location
    Nevada, USA
    Posts
    2,888
    Provided Answers: 6
    Not clear on the question, but one alternative would be to test the login form (where you store the access level) in the open or load event of each form (whichever event can be cancelled, offhand I can't remember which it is). Set cancel = true if the user's level isn't enough for the form.
    Paul

  3. #3
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    i don't understand what you are trying to automate.....
    either a user has clearance ot they don't

    in the windowing world the design stylisitc is that users should not see what they can't use... so if it were me I'd hide the options they cannot use. but because I'm a distrustiing cynical so and so I'd also place code in the form (or reports) on open event and CANCEL the open event if they user doesn't have clearance

    I wouldn't use a hidden logon form, I'd probably use a security class and have a method that returned true or false if the user (either directly or via their usergroup) has clearance for the requested action on the specified form). Actually I wouldn't have a logon form either, but hats becuase I prefer to delegate authentication to the network, have no deamnd that the user thnks up yet another !!!! password to do their job. youy do need to have the network set up so you can only ever have one userlogon on one computer in the network (ie he same user cannot logon to more than one computer concurrently and have a network policy that user id's MUST be unique (one id per person, business policies that make leaving your workstatin logged but unattended is a serious 'offence'.

    by passinbg the authentication over tot he network trolls you immediately transfer the security aspects over a user account. if an employee is sacked they loose computer access when the netwrok trolls get off their !!!! and do something. you still have to transfer user privilieges when a user moves work roles. That is the one area where your network trolls can dump you inthe sticky smelly brown stuff in as much they will almost certainly forget, shorry that shoudl read ignore, to inform you of the change in role
    I'd rather be riding on the Tiger 800 or the Norton

  4. #4
    Join Date
    Nov 2011
    Posts
    413

    Automate Code for Form Access

    I already have security clearance code for their user form settings, i.e. Data/Read Only/Administrator,etc... This is different. My code works as designed if I put it behind a command button, but the goal was to try and do it Globally so I would not have to hard code each form. This db is not setup for a Network to administer. All of the code is built into the db. Each user would have their own front end copy. I have not yet built in Groups as in Office or Locations.

    I don't want to confuse the issue here. To not have to hard code each command button is the goal as to whether the user can access that form or not. They already have their user privileges setup as to whether they can add/edit , etc...

    By making the Login form hidden, I can still use those values on my Main Menu form.

    A user could have more than just ONE form that they could not access. Even though their security level is still in place, it is over ridden by this feature.


    Hope this explain a little better.
    Attached Thumbnails Attached Thumbnails FormAccess.png   NoAccess.png  

  5. #5
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    so what is the issue
    you have rolled your own security, and Il bet it can be pretty easily circumvented, network are far far trickier to circumvent

    what I dont' understand is:-
    To not have to hard code each command button is the goal as to whether the user can access that form or not. They already have their user privileges setup as to whether they can add/edit , etc...
    you can check if a user has clearance but the code for that is dependent on the way you have setup your authorisation.

    you need to lace some code in either the form/report to check the user is authorised for the proposed action. to do that place the code in the formk/reports on open event and cancel if the user isn't authorised

    ideally you should also place some code that hides buttons which the user has no rights to see/use. there is no magic bullet here. if you want to limit a users actions on a command button then you will have to code each button accordingly. as to whether you do that through some VBA that modifies a menu on the fly or some other technique thats your call, its your code.

    All I can say is that I have yet to find a security model applied to an Access db by a developer that is 'secure', virtually every developers designs are flawed, in most cases seriously flawed. now you may be a real 'Tefal man', but I seriously doubt it. if the purpsoe is to deter the casual unknowledgeable user then it may well work, it will almost certainly fail with a knowledgeable and malicious user.
    I'd rather be riding on the Tiger 800 or the Norton

  6. #6
    Join Date
    Nov 2011
    Posts
    413
    I realize Access is insecure by design. Yes, it could be circumvented by a savvy user. I was hoping to not hard code each command button but I guess that is one of those I wish I could things.

    Thanks for trying to help.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •