Different front end design, same BE (1 Viewer)

Libre · Feb 28, 2015

Up until now my db's have had only a couple of users and our front ends are essentially the same - except mine is an mdb (now that I'm on 2013 it's an ACCDB) and the other user has an mde.
I'm adding a new user with different needs and I will design different forms and functions for the new user. He will still be connected to the same back end as me and the other user.
Are there any issues - anything I should keep in mind here? This doesn't seem all that tricky but it is new to me to do this - I always just update the mde every so often as I develop my accdb. Actually, until I do update the mde, she does have a different front end than I do - I update her maybe once a month or so. I develop a lot of functions that only I use.
SO anyway - any tips or warnings?
Thanks

gemma-the-husky · Feb 28, 2015

the other way is to put all the functionality in the single database, and have a user-interface that limits what each user can do. It's easier to maintain than having to update multiple databases.

This is why most systems will tend to put users in "user-groups", so you code facilities for particular user-groups, and then a new user gets the correct facilities based on the user-groups of which he is a member.

Libre · Mar 1, 2015

If I had one common front end - that would be easier to maintain but then each user would have to understand which buttons and forms worked for them and which ones to keep out of. I could create log in screens that caused certain windows to open and certain functions and objects to be locked I guess but that's increasing the complexity. With different front ends I would present a swithboard on open with only the buttons I wanted them to access. SO that might be more work but ultimately would be better - I think.
Bear in mind all the front ends are sharing the same tables so in that sense it's all on big db.

spikepl · Mar 1, 2015

Dave gave you good advice. Any change you do is now multipled by number of frontends. Every time. A bl.. maintenance nightmare. Setting up a login system to enable/disable features according to user's credentials is only done once.

I have a situation where each setup (depending on company) needs some different utilities, but shares the rest. I have a main db which links to a company-specific version of the utilities-db. In this way I can customise the utilities-db, and retain only one main db to maintain.

Galaxiom · Mar 2, 2015

When I need different facilities for different users I read the username from the Windows login and provide the facilities accordingly.

If can even be done by using an LDAP query to find the user's domain group memberships with the front end configured by groups.

RainLover · Mar 2, 2015

I also agree.

If you attempt to maintain various versions it won't be long before you get things mixed up.

This can and should as previously said by a User ID to decide who can and can't do what.

Libre · Mar 2, 2015

I admit to being a babe in the woods as far as Access security. I have tried the security wizard and set up some groups in the past - but not often. The reason is, as I said, I generally only have myself and 1 or 2 other users. I nearly had a stroke when I ALMOST locked myself out of my own database - that had a year or so of development. Somehow I was finally able to log in and I've stayed out of user groups since then. I've also read the many threads from terrified and frustrated developers - on this very forum - who did exactly what I said I almost did - lost the rights to open their own db. So I'm gun shy about this. Tell me something to calm my nerves about it - please. Incidentally, I do have a workgroup security file for my current db, and I use a shortcut to open the db with a startup string - the ONLY way that db will open at this point. I'm working on a brand new db (a new version of that current one) and this one does not have user security or groups installed - and kind of hoped not to go there.
So I have to go there?
How do I get comfortable about this?
Thanks everyone.
Libre

EDIT
Also, can this new user be prevented from even SEEING the main switchboard and all the functions except just what I want him to see - or do I just exclude him from being able to USE that stuff. The db opens to a main menu that I designed. For now I just want him to have one form that I will design. I will give him an mde file so he can't go into design mode at all - but I want to keep this simple for him and for me.

Next Edit
As far as this new user only seeing what I want him to see, I realized I could design a new switchboard that is the first form presented, BEFORE that main menu I mentioned above. Then there will be buttons that will either open that main menu or just the area for the new user. I could design my own internal login window to prevent him from accessing the main menu if I want, but I'm really not that concerned about it. Yet ANOTHER login would be a drag. But if I get concerned I could do that.

Solo712 · Mar 2, 2015

Libre said:
I admit to being a babe in the woods as far as Access security. I have tried the security wizard and set up some groups in the past - but not often. The reason is, as I said, I generally only have myself and 1 or 2 other users. I nearly had a stroke when I ALMOST locked myself out of my own database - that had a year or so of development. Somehow I was finally able to log in and I've stayed out of user groups since then. I've also read the many threads from terrified and frustrated developers - on this very forum - who did exactly what I said I almost did - lost the rights to open their own db. So I'm gun shy about this. Tell me something to calm my nerves about it - please. Incidentally, I do have a workgroup security file for my current db, and I use a shortcut to open the db with a startup string - the ONLY way that db will open at this point. I'm working on a brand new db (a new version of that current one) and this one does not have user security or groups installed - and kind of hoped not to go there.
So I have to go there?
How do I get comfortable about this?
Thanks everyone.
Libre

EDIT
Also, can this new user be prevented from even SEEING the main switchboard and all the functions except just what I want him to see - or do I just exclude him from being able to USE that stuff. The db opens to a main menu that I designed. For now I just want him to have one form that I will design. I will give him an mde file so he can't go into design mode at all - but I want to keep this simple for him and for me.

Hi Libre,
being 'comfortable' comes with practice. For example, your 'scary' experience with locking yourself out of your own db should prompt you to get into the habit of saving the admin password in a safe place. You may also want to create a 'back door' way to bypass password prompts on systems that you create (in case your users change and then forget their admin passwords) by a function key combo you don't tell anyone about (you want to save that also !). Finally, when I am developping I keep an 'open' version of the app that I can easily get into through bypassing the autoexec macro. You want to 'lock' your database app via security as the last thing ! Always !

re EDIT: you can enable and restrict any function of the app by making it dependent on user security credentials.

Good luck,
Jiri

Libre · Mar 2, 2015

I didn't lose the password. I somehow created the Admin group with nobody in it. So nobody had the rights to go into design mode. And I agree that this should be the LAST step and to keep it open until then - but I'm ALWAYS developing new functions etc so I don't really get to the point of being ready to lock it down.
As far as a hotkey or some such a way to bypass all the security - is there a link that would show me how to do that?

RainLover · Mar 2, 2015

Several Back ups go a long way to help prevent a mistake.

The is some code that you can add that will allow you to use the bypass key.

There must be a copy on Google somewhere.

Libre · Mar 2, 2015

RainLover said:
Several Back ups go a long way to help prevent a mistake.

The is some code that you can add that will allow you to use the bypass key.

There must be a copy on Google somewhere.

Backups are useless if you don't have the rights to open the db - unless I'm missing something. But that's why I'm gunshy about this. I had backups up the wazoo - every one said sorry Charlie - no access. When you do the security wiz it lets you make a BU of the unsecured db. Great, but any development after that would be lost if you restored the unsecured one.

RainLover · Mar 2, 2015

Libre

you are right. I rushed my answer.

Therefore you need to find the code that enables the by pass key.

Or is your problem even more complicated than this.

Libre · Mar 2, 2015

I don't know, Rainlover.
I might be making it more complicated than it is - which is an uncapitalized talent that I have.
It's just that it works so effortlessly when it's unsecured - no logins to bog you down. The other users have broad access to other systems and if they weren't trustworthy they wouldn't.
One thing I always to is to compile my own "development" version of my db's (mdb's or accdb's) into mde files so the users can't go into design mode and change my objects or architecture. This I feel is necessary and I'm totally comfortable about that.
I have seen code windows pop up in mde's though, when that error message gives you the "debug" option. Another thing that gives me the shakes - users in code modules.

RainLover · Mar 2, 2015

See if you can get this to work.

The instructions should help.

Solo712 · Mar 2, 2015

Libre said:
I didn't lose the password. I somehow created the Admin group with nobody in it. So nobody had the rights to go into design mode. And I agree that this should be the LAST step and to keep it open until then - but I'm ALWAYS developing new functions etc so I don't really get to the point of being ready to lock it down.
As far as a hotkey or some such a way to bypass all the security - is there a link that would show me how to do that?

I use a sign-on form which is called from the startup form. It asks for a password and then matches the password and user name with the user table. The table assigns to each user a security level which determines what he/she can see or do. The security info for the session is kept in global variables. If no valid response was received, the form returns userlevel 0 which causes the main program to abort. The bypass of the password is accomplished through two elements, a (A) hot key combination via the Key_down event of the sign-on form and a (B) timer event which simulates the user clicking the enter button via SendKeys:

(A)

Code:

Private Sub Form_KeyDown(KeyCode As Integer, Shift As Integer)
   On Error Resume Next
   Select Case KeyCode
     Case vbKeyY
        If ((Shift And acAltMask) <> 0) And ((Shift And acCtrlMask) <> 0) Then
          KeyCode = 0
          Passthru = True
        End If
   End Select
   On Error GoTo 0
End Sub

and

(B)

Code:

Private Sub Form_Timer()
   If Passthru Then SendKeys "{TAB}" & "{TAB}" & "~", False
End Sub

The Enter key On_click event then registers the Passthru switch is on and assigns the highest security level and the user name "sysadmin". That is the gist of it.

Best,
Jiri

gemma-the-husky · Mar 2, 2015

libre

maybe it's to do with user-level-security problems caused by messing with admin groups, but after A2007, ULS has been deprecated, and if you want those facilities, you have to program them yourself. Rather easier, I think

ULS was never very easy to use anyway.

Libre · Mar 2, 2015

I'm so timid about installing security - I have not tried anything in 6-7 years dealing with it. I once installed it on one db, and then I could not even start a brand new db without that dreaded log-in screen hitting me in the face, only to tell me I had no rights. Eventually I found workarounds, I guess.
Suppose I took my db and made a copy in a distant folder on another drive or server. Then let's say I tried the security wiz on that. Is there any chance that the freaking, Machiavellian devil would migrate back and then demand a log in to my main db? I tell you, one of the most frightening moments of my ENTIRE life, was the time I mentioned before. I had a db and it was working beautifully. I had so much time and ingenuity in it I can't even start to tell you. But my boss was down on Access and computers in general. I worked on it on the sly. I was using it on my computer to do all sorts of tasks he knew nothing about. When I showed him what it could do, He FINALLY allowed me to install the system on his computer, and it was great for a few months. Then he demanded I develop it further. While he was out of the office I decided it was a good time to install security. So I used the wiz. This was Access pre2003 whatever version that was - 1997 or whatever. I tell you - when all of a sudden I could not get admin rights to that db OR restore a workable back-up I nearly ruined my underwear. I NEVER want to be in that situation again (even though this is a different db, different boss, different job).

Rainlover (and gemma and solo) - I do have an admin log on within my program that unlocks certain functions - makes certain things visible - I have a user table and roles assigned - global variables just like you said, that I programmed that all myself - in a desperate attempt to never get locked out again by that bastard Access security.

Frothingslosh · Mar 2, 2015

That is the best approach, since as they said, ULS was depreciated in 2007 and later versions. The last time I worked on a system they wanted secured, that's what I did - added a login/rights table and some forms so the administrator could handle security easily. If you're worried about still locking yourself out, you can add a hidden, 100% transparent button (rectangle, actually, with an on-click event) in an odd section on a rarely-used form that would, if you were running an accdb rather than an accde, toggle shift-bypass for the next startup.

I had to do that once because a co-worker not only kept getting into the databases I was working on because she hated using forms (my predecessor told her how to change an .addcr back to an accdb (for some reason, accde files wouldn't work on that server - never did figure that out), and how to F11 to bring up the database windown, and even about the shift bypass), but she'd keep messing things up, including once removing all my rights. Queue looking up AutoKeys, how to toggle shift-bypass, etc.

Libre · Mar 2, 2015

Thanks all - got my own security built in now. DB now opens to a log-in. I put the users in a table with roles. Depending on the role, after the user clicks SUBMIT on the log-in, then a procedure checks their ID and PWD, and if found, then a home environment opens. The user of one role never sees the environment of the other roles.
Working well. Then there is an additional log-in for admin functions, which I can bypass with an invisible button like Frothy said - I've had this for years.
BUT
what is the Encrypt with Password option under the file menu (I'm in Access 2013). This replaces the dreaded security wiz from pre 2007? What happens if I invoke this (not that I'm about to). I suppose you get a system log in before the db opens?

Different front end design, same BE (1 Viewer)

been around a little

Super Moderator

been around a little

Eledittingent Beliped

Super Moderator

VIP From a land downunder

been around a little

Registered User.

been around a little

VIP From a land downunder

been around a little

VIP From a land downunder

been around a little

VIP From a land downunder

Attachments

Registered User.

Super Moderator

been around a little

Premier Pale Stale Ale

been around a little

Similar threads

Users who are viewing this thread