QuasiSecuring MDB

[thisisntwally]

i thought i would post my plans, before implimentation because a. you guys usually recommend scrapping my idea and b. im not sure exactly how to go about implimenting it.

Now for the details. I've built a database for the purpose of processtracking and document archival. This doesn't need to be too secure, all im really trying to do is cut down on the potential for unintentional-user-driven-database-destruction. There are 6 analysts who will need input/reporting abilities, two or three admintypes who will get complete access, and anyone else just gets to search for records, and print reports (and the embedded pdfs)

I've built the basic search mechanism, however before i continue I wanted to figure out how im doing this security business. I have already set up the DB to recognice environ(username) which assigns names to created records, and also hangs out on an invisible form for later use. My idea was to have a table of Admin/users' environ(username)s and their permission status (0 or 1) and in the event that the individual opening the db was not on the table they would be limited to a watered down search option.

would it be easier to lock each usertype into their own series of forms, or to have the forms morph to meet the users needs? and ease of construction aside, how might i go about the transformer-forms if i wanted to?

 

[The_Doc_Man]

1. What you describe, though possible, would be done better by implementing Workgroup security. Search this forum for many topics on "Securing a Database" and "Workgroup Security" - and just "Workgroups"

{best Yoda voice} There is no quasi-secure. There is only secure or not secure. {/best Yoda voice}

2. Whatever you are going to do would best be done in the context you describe by putting VBA code in the individual form_open routines to enable or disable the fields appropriate to each function.

 

[thisisntwally]

not secure MDB

thank you doc man, in all honesty i was hoping that you would be the one to respond to this one. I had seen some negativity towards access's built in security and thus was shying away from it - I'll check it out.

 

[boblarson]

I had seen some negativity towards access's built in security and thus was shying away from it - I'll check it out.

I think a lot of that is due to not understanding it and how to use it.

 

[thisisntwally]

i've been looking over the access security setup. One of the reasons i liked the idea of coding permissions by username was that I could avoid forcing my users to adopt yet another username and password. Most people here now keep a list of 25 or so different logins and if i can do this without adding to that list, this database will be recieved more welcomingly. welcomingly is a sweet word. As my continued employment here at the DOE rides on this project im really trying to make it as painless as possible. So it looks like its time to investigate all of this .enable = true business. Any recommended threads would be welcome.