Allowing User Permissions to a Control

  • Thread starter Thread starter ssignore
  • Start date Start date
S

ssignore

Hello, Community!
I've created a database that will be used by about six people - three of
them will be main Data Entry Users at best. Currently, there is no security
on the dbase and I think it should be fine as the Users will not go into the
backend tables. (I'm also hesitant to start applying security because I'm
really green and don't know its 'inner workings'.)
The only item that really needs to be secured is the "Delete Record" button.
We do not want the Data Entry Users to delete records accidentally.

Is there a way to allow "Delete Record" to function for three of the six
Users?

Many thanks!
ssignore
 
On Wed, 15 Apr 2009 08:39:01 -0700, ssignore

Sure there is a way. Many ways, in fact. First off, kudos for being
cautious about security. Access' user-level security is indeed an
advanced topic you should not get into until you first download,
study, and fully understand the Security FAQ from microsoft.com. As my
friend Larry says: 30-some pages, no filler.

Here is a simpler approach. First ask Windows who is logged in:
http://www.mvps.org/access/api/api0008.htm , and if it is other than
some list of users, you set Me.AllowEdits to false:
dim strUser as string
strUser = fOSUserName()
if strUser = "my_first_user" or strUser = "my_second_user" or strUser
= "my_third_user" then Me.AllowDeletes = True
else Me.AllowDeletes = False
(change myObjectNames to yours)

-Tom.
Microsoft Access MVP
 
Tom,
Many thanks for the instructions; I guess I should have mentioned that I
also don't speak VB? (I was able to get guidance on restricting fields data
from being wiped out using a BeforeUpdate event and writing in code and I
thought I was a VB genius - for a half-second!)

I do understand the logic. The first set of code tells you who is using and
then the second set that you generously provided limits who can delete;
however, I'm muddled on where to insert this and what to change. I have a
'delete record' button. I guess I can look at the VB and see what the string
(?) is for the name.
Where does one insert the first set of code on User login? The more
important question is does one need to be an official "DBA" to get this info?
I'm not an administrator - I'm simply in a functional analysis unit and
we're doing this to help another unit try to go electronic and get rid of
their paper.

Many thanks for any additional guidance you can give me (if you have the
bandwidth!)
Thanks,
Simone
 
On Fri, 17 Apr 2009 06:15:02 -0700, ssignore

I should have written:
....and if it is other than some list of users, you set Me.AllowDeletes
to false...

The code from the article goes in a Standard Module. Anyone can call
this. Apps do this all the time. You don't have to be an
Administrator.
Yes, you will need to experiment a bit with what this function
returns. On my work computer (we're in a domain) it's different then
at home (in a workgroup). Simply set a breakpoint on the "if ..." line
and inspect the value of strUser.

The rest of the code goes in the Click event of the button.

-Tom.
Microsoft Access MVP
 
Tom,
I don't speak VB so I'm not sure what needs to be swapped out to make sense
for my database.
Firstly, does the code from the article need to be edited in anyway to make
sense for a specific dbase? It look as if it does not, but again, I don't
speak this language.

I think I can figure out where to change your recommended script to
accommodate my users and we use the Windows NT ID for user name.

Second,
Would your recommended script look like the following if the Managers' NT
IDs were ssignoretto, jgutierrez, and jsottile?

dim strUser as string
strUser = fOSUserName()
if strUser = "ssignoretto" or strUser = "jgutierrez" or strUser
= "jsottile" then Me.AllowDeletes = True
else Me.AllowDeletes = False

Again, your guidance is much appreciated.
Thanks,
Simone
 
Tom,
I hit "Post" too soon - sorry.

So, I do have to change the code from the article, but I don't understand
what you mean by the following statement:
"Simply set a breakpoint on the "if ..." line and inspect the value of
strUser."

Can you advise?
Thanks again,
Simone
 
On Fri, 17 Apr 2009 09:47:01 -0700, ssignore

No, the code from the article works as-is. All it does is call Windows
to ask for the name of the logged-in user, and it returns that name.

On the breakpoint: set your cursor on the line:
if strUser = "ssignoretto" (etc.)
and then hit F9 to set a breakpoint (F9 again clears it). Then run the
app and it will stop at that line. Then you can hover over strUser and
a tooltip will show the value, i.e. the name of the logged in user.
If I do that at work, it will say "kinetik-it\tvanstiphout", so I
would adjust my code accordingly.
If hovering does not work, there are at least two other options to
find out the value of strUser:
* Menu option View > Locals Window
* Hit Ctrl+G to get to the Immediate window, and type:
? strUser

-Tom.
Microsoft Access MVP
 
Tom,
I've added the code from the article into a new module as you advised.

I'm sorry, but I'm lost on the rest of it (well, I don't even understand the
module, to be honest - I'm a fairly green Access user.)

I think you're telling me that as an Admin, it's advantageous to be able to
hover over a strUser to tell whether they are in the database?

However, the syntax eludes me.
There is an [Event Procedure] on the "delete record" button, which obviously
is for people like me who do not know how to code.

So how do I get the user Identification code of:

dim strUser as string
strUser = fOSUserName()
if strUser = "ssignoretto" or strUser = "jgutierrez" or strUser
= "jsottile" then Me.AllowDeletes = True
else Me.AllowDeletes = False


to work with the actual Delete Record code of:

Private Sub delete_record1_Click()
On Error GoTo Err_delete_record1_Click


DoCmd.DoMenuItem acFormBar, acEditMenu, 8, , acMenuVer70
DoCmd.DoMenuItem acFormBar, acEditMenu, 6, , acMenuVer70

Exit_delete_record1_Click:
Exit Sub

Err_delete_record1_Click:
MsgBox Err.Description
Resume Exit_delete_record1_Click

End Sub


When I try to put these together on the Click of delete_record, I get an
error.
Again, many thanks for all the help.
Regards,
Simone
 
Back
Top