Security question, read only db with subsequent logons

  • Thread starter Thread starter Paul Malcomson
  • Start date Start date
P

Paul Malcomson

I'm trying to finish implementing security on my database. I have
secured the .mdb with a .mdw file as per the MS security FAQ with no
problems.

The last part of security that I need to implement is that the first
person to open and log on to the database gets to use the database.
Any subsequent log on users will flip into READ-ONLY mode and won't be
able to modify any data.

All my users belong to a 'full-data-access' group that allows them
enough priv's to run the application. I already have VBE code that
inserts a CURRENT_LOGON record when the Switchboard is opened. This
record is deleted when that user exits the system.

I need some code to perform the following logic:
IF anybody_else_logged_in = true
set database to read-only
(maybe revoke full-data-access group and
grant read-only-access group) to this user
else
insert logged_on record into current_logon table
open switchboard
end

TIA
Paul
 
Paul said:
I'm trying to finish implementing security on my database. I have
secured the .mdb with a .mdw file as per the MS security FAQ with no
problems.

The last part of security that I need to implement is that the first
person to open and log on to the database gets to use the database.
Any subsequent log on users will flip into READ-ONLY mode and won't be
able to modify any data.

All my users belong to a 'full-data-access' group that allows them
enough priv's to run the application. I already have VBE code that
inserts a CURRENT_LOGON record when the Switchboard is opened. This
record is deleted when that user exits the system.

I need some code to perform the following logic:
IF anybody_else_logged_in = true
set database to read-only
(maybe revoke full-data-access group and
grant read-only-access group) to this user
else
insert logged_on record into current_logon table
open switchboard
end

TIA
Paul
Click to expand...

Here is a consideration. There is a program called LDBView for A97 that
lets you know who is logged on to the app. I believe in the newer
Access versions there is a method to determine how many people are
logged on. Goto http://groups.google.com, advanced search, group
*Access* and search for info on LDBView and the newer method.

Now you can determine when there is one user vs many users in the system.

You could then create a global variable when the person logs on that
contains the value of acFormEdit or acFormReadOnly datamode.

Now search through the entire app that has a Docmd.OpenForm and put in
the variable for the value of the datamode.

You may have to make an adjustment if you open a form in acFormAdd datamode.

Remember too that variables lose their value if a person goes into debug
mode.

I just noticed you are a master crossposter. Why do you cross post?
 
I once had that code on a website,
now it's gone..
and the sourcecode with my laptop when it was stolen..
I have been able to reconstruct most of the code, so if anybody wants it on
their site I'll be happy to send it...
I seem to remember a dutch site who still "sport" a version of the code
(which I "stole" from vb advisor anyhow)
Dev would never allow me to put it into the access web anyhow...

--
Pieter Wijnen

When all else fail try:
http://www.mvps.org/access
http://www.granite.ab.ca
http://allenbrowne.com/
 
but what happens if there's a network error and the CURRENT_LOGON
record is not cleaned up

same problem with the LDB, unless you try to delete it first
actually if there's an LDB, and it can't be deleted, then you have
someone logged in

since you're using the standard switchboard item, just change the
switchboard open code based on the LDB's presence
 
Back
Top