Thread: User Logins - Restricting Buttons/Forms
View Single Post
  #4  
Old January 3rd, 2007, 08:15 PM posted to microsoft.public.access.forms
Lynn Trapp
external usenet poster
  
Posts: 173
Default User Logins - Restricting Buttons/Forms
Jeff,
You need to get a copy of the Security FAQ, read it several times, and
follow it to the letter. Just creating user names is not sufficient to doing
what you want. By default, all users have the same permissions as the Admin
user unless you modify things as layed out in the Security FAQ. There's a
lilnk to it on the Security page of my website.

--

Lynn Trapp
Microsoft MVP (Access)
www.ltcomputerdesigns.com


"Jeff Monroe" wrote in message
...

Crystal:

Thank you for the response to my question.

Can you break it down into more detail? I am having trouble getting the
AccessLevel criteria (i.e., "admin", "user", "viewer") of the person
logged-in in order to activate fields and/or forms and filters.

For instance I log in (jmonroe) and I have access level of "admin".
After I'm logged in, I can access all forms and all user information.
Now, John Smith logs in (LoginName "jsmith") with
AccessLevel "user", he should not be able to access "admin" forms &
fields, and when he views tblEmployees data via a form, he can only
view "jsmith's " data.

Thank you so much for you help and patience, and have a happy new
year!

Jeff
************************************************** ******************

strive4peace Wrote:
Hi Jeff,

you can use the form OPEN event to check and see if the user has
sufficient priviledges to view the form

you can do this in the Open event to cancel opening the form...

'~~~~~~~~~~~~~
Cancel = True
'~~~~~~~~~~~~~

An easy way to implement letting the "logged in user edit their profile

information" is to set AllowEdits to False when the form is LOADed (you

can probably put this on the Open event too)

then, use an EDIT command button. In the Click code, you can check to

see if the user is on their record and, if so

'~~~~~~~~~~~~~
Me.AllowEdits = True
'~~~~~~~~~~~~~

then, on the form CURRENT event

'~~~~~~~~~~~~~
Me.AllowEdits = False
'~~~~~~~~~~~~~



Warm Regards,
Crystal
*
(: have an awesome day
*
MVP Access
Remote Programming and Training
strive4peace2006 at yahoo.com
*



Jeff Monroe wrote:-
Hello:

I am creating a mutli-user database and need help with controlling
access to forms and buttons based on the user's profile. First of
all,
I am not using the built-in security wizard (mdw). I'd prefer not to
mess with it. This is a pretty simmple database and I'm not worried
about anyone hacking into it.

I have a table (tblEmployees) with three fields: [LoginName],
[Password], and [AceesLevel]. When launched, the user enters in their
LoginName (via combo-box) and enters their password which gives them
access to the database.

Here is what I am attempting:

I would like to restrict certain forms and buttons depending on the
AccessLevel (admin, user, viewer)assigned to the user logging in (as
per the tblEmployees.AccessLevel). I've been able to do that based on
their LoginName, but I'd rather base it on the three (or possibly
more)
levels, but not for an infinite number of LoginNames. Admin would
have
full access; User would have everything but Admin privileges, and
Viewer can just view.

Specifically, I want to create an "Employee Profile" form that will
let
the logged in user edit their profile information (password,
extension,
etc), but not view any other's, and of course Admin can view and edit
them all.

Thanks to anyone who responds.

jwmonroe



-




--
Jeff Monroe