Question on coding permissions.

[Guest]

Hello,

I asked this question a few weeks ago, but I want to try something different
than the advice I was given if possible. I have made a database for our
financial department. I set it up with a logon form (just to see if I could
make it work) that prompts when username or password is incorrect and will
shut down the application after 3 attempts. This was coded in VB. Now, our
CFO likes this db so much she wants to expand it to other departments with
their own forms, but all departments concerned can't see certain info. I
want to know if it is possible, in VB, to code "permissions" based on db
logons. As an example, I have on main switchboard linking to all forms. If
a user logs on, can I code it so based on the logon they enter (which is in a
table containing username and password), they can only see or be able to
click certain command buttons on the main switchboard? I know Access has
security settings, but these can be confusing, and really, I just want to
know if I can do it in VB. Any help would be appreciated.

 

[Guest]

Louis,
I designed a training application that restricted the use of each form i.e.
trainers vs. trainees with my own security programming. Read write access
was given to the trainees/testtakers based on a table. Since then I've
learned alot more about security and have become comfortable with its
idiosynchrocies. If you follow this method, it is very important to
understand that every Access database has a default user named admin that can
not be deleted and is a member of both the users and admins groups and by
default all users are members of each the users group. The admin user does
not have a password by default. So if a user signs in as the admin user he
has full priviledges to everything or if you don't remove the users group's
priviledges they will have access to the default package and would be able to
get into the table that contains the security information.
To get around this first Create a Workgroup Information by using the
workgroup manager which in xp/2003 is under tools. In prior versions its run
out of Access by clicking |start|run|wrkgrp.exe. Then set up a new user as
the administrator by signing in as the admin user and giving the new user all
available access to each of the categories. Then close access, restart the
application and resign in as the new administrative user. Now delete the
admins group from the admin user account and revoke all priviledges from the
users group account. This is done in two different dialogs. If you don't do
this any other security you set up is meaningless because it can be easily
bypassed using the default admin user or the default users priviledges.