If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
User Logins - Restricting Buttons/Forms
Hello:
I am creating a mutli-user database and need help with controlling access to forms and buttons based on the user's profile. First of all, I am not using the built-in security wizard (mdw). I'd prefer not to mess with it. This is a pretty simmple database and I'm not worried about anyone hacking into it. I have a table (tblEmployees) with three fields: [LoginName], [Password], and [AceesLevel]. When launched, the user enters in their LoginName (via combo-box) and enters their password which gives them access to the database. Here is what I am attempting: I would like to restrict certain forms and buttons depending on the AccessLevel (admin, user, viewer)assigned to the user logging in (as per the tblEmployees.AccessLevel). I've been able to do that based on their LoginName, but I'd rather base it on the three (or possibly more) levels, but not for an infinite number of LoginNames. Admin would have full access; User would have everything but Admin privileges, and Viewer can just view. Specifically, I want to create an "Employee Profile" form that will let the logged in user edit their profile information (password, extension, etc), but not view any other's, and of course Admin can view and edit them all. Thanks to anyone who responds. jwmonroe |
#2
|
|||
|
|||
User Logins - Restricting Buttons/Forms
Hi Jeff,
you can use the form OPEN event to check and see if the user has sufficient priviledges to view the form you can do this in the Open event to cancel opening the form... '~~~~~~~~~~~~~ Cancel = True '~~~~~~~~~~~~~ An easy way to implement letting the "logged in user edit their profile information" is to set AllowEdits to False when the form is LOADed (you can probably put this on the Open event too) then, use an EDIT command button. In the Click code, you can check to see if the user is on their record and, if so '~~~~~~~~~~~~~ Me.AllowEdits = True '~~~~~~~~~~~~~ then, on the form CURRENT event '~~~~~~~~~~~~~ Me.AllowEdits = False '~~~~~~~~~~~~~ Warm Regards, Crystal * (: have an awesome day * MVP Access Remote Programming and Training strive4peace2006 at yahoo.com * Jeff Monroe wrote: Hello: I am creating a mutli-user database and need help with controlling access to forms and buttons based on the user's profile. First of all, I am not using the built-in security wizard (mdw). I'd prefer not to mess with it. This is a pretty simmple database and I'm not worried about anyone hacking into it. I have a table (tblEmployees) with three fields: [LoginName], [Password], and [AceesLevel]. When launched, the user enters in their LoginName (via combo-box) and enters their password which gives them access to the database. Here is what I am attempting: I would like to restrict certain forms and buttons depending on the AccessLevel (admin, user, viewer)assigned to the user logging in (as per the tblEmployees.AccessLevel). I've been able to do that based on their LoginName, but I'd rather base it on the three (or possibly more) levels, but not for an infinite number of LoginNames. Admin would have full access; User would have everything but Admin privileges, and Viewer can just view. Specifically, I want to create an "Employee Profile" form that will let the logged in user edit their profile information (password, extension, etc), but not view any other's, and of course Admin can view and edit them all. Thanks to anyone who responds. jwmonroe |
#3
|
|||
|
|||
Crystal:
Thank you for the response to my question. Can you break it down into more detail? I am having trouble getting the AccessLevel criteria (i.e., "admin", "user", "viewer") of the person logged-in in order to activate fields and/or forms and filters. For instance I log in (jmonroe) and I have access level of "admin". After I'm logged in, I can access all forms and all user information. Now, John Smith logs in (LoginName "jsmith") with AccessLevel "user", he should not be able to access "admin" forms & fields, and when he views tblEmployees data via a form, he can only view "jsmith's " data. Thank you so much for you help and patience, and have a happy new year! Jeff ************************************************** ****************** Quote:
|
#4
|
|||
|
|||
User Logins - Restricting Buttons/Forms
Jeff,
You need to get a copy of the Security FAQ, read it several times, and follow it to the letter. Just creating user names is not sufficient to doing what you want. By default, all users have the same permissions as the Admin user unless you modify things as layed out in the Security FAQ. There's a lilnk to it on the Security page of my website. -- Lynn Trapp Microsoft MVP (Access) www.ltcomputerdesigns.com "Jeff Monroe" wrote in message ... Crystal: Thank you for the response to my question. Can you break it down into more detail? I am having trouble getting the AccessLevel criteria (i.e., "admin", "user", "viewer") of the person logged-in in order to activate fields and/or forms and filters. For instance I log in (jmonroe) and I have access level of "admin". After I'm logged in, I can access all forms and all user information. Now, John Smith logs in (LoginName "jsmith") with AccessLevel "user", he should not be able to access "admin" forms & fields, and when he views tblEmployees data via a form, he can only view "jsmith's " data. Thank you so much for you help and patience, and have a happy new year! Jeff ************************************************** ****************** strive4peace Wrote: Hi Jeff, you can use the form OPEN event to check and see if the user has sufficient priviledges to view the form you can do this in the Open event to cancel opening the form... '~~~~~~~~~~~~~ Cancel = True '~~~~~~~~~~~~~ An easy way to implement letting the "logged in user edit their profile information" is to set AllowEdits to False when the form is LOADed (you can probably put this on the Open event too) then, use an EDIT command button. In the Click code, you can check to see if the user is on their record and, if so '~~~~~~~~~~~~~ Me.AllowEdits = True '~~~~~~~~~~~~~ then, on the form CURRENT event '~~~~~~~~~~~~~ Me.AllowEdits = False '~~~~~~~~~~~~~ Warm Regards, Crystal * (: have an awesome day * MVP Access Remote Programming and Training strive4peace2006 at yahoo.com * Jeff Monroe wrote:- Hello: I am creating a mutli-user database and need help with controlling access to forms and buttons based on the user's profile. First of all, I am not using the built-in security wizard (mdw). I'd prefer not to mess with it. This is a pretty simmple database and I'm not worried about anyone hacking into it. I have a table (tblEmployees) with three fields: [LoginName], [Password], and [AceesLevel]. When launched, the user enters in their LoginName (via combo-box) and enters their password which gives them access to the database. Here is what I am attempting: I would like to restrict certain forms and buttons depending on the AccessLevel (admin, user, viewer)assigned to the user logging in (as per the tblEmployees.AccessLevel). I've been able to do that based on their LoginName, but I'd rather base it on the three (or possibly more) levels, but not for an infinite number of LoginNames. Admin would have full access; User would have everything but Admin privileges, and Viewer can just view. Specifically, I want to create an "Employee Profile" form that will let the logged in user edit their profile information (password, extension, etc), but not view any other's, and of course Admin can view and edit them all. Thanks to anyone who responds. jwmonroe - -- Jeff Monroe |
#5
|
|||
|
|||
User Logins - Restricting Buttons/Forms
thanks, Lynn!
Warm Regards, Crystal * (: have an awesome day * MVP Access Remote Programming and Training strive4peace2006 at yahoo.com * Lynn Trapp wrote: Jeff, You need to get a copy of the Security FAQ, read it several times, and follow it to the letter. Just creating user names is not sufficient to doing what you want. By default, all users have the same permissions as the Admin user unless you modify things as layed out in the Security FAQ. There's a lilnk to it on the Security page of my website. |
#6
|
|||
|
|||
Quote:
Thanks Lynn and Crystal. I'll look into that. Jeff |
Thread Tools | |
Display Modes | |
|
|