Learn Microsoft Access Advanced Programming Techniques, Tips and Tricks.

User and Group Check

Introduction.

In a secured Database; basic access rights to Objects like Tables, Forms, Queries, and Reports are defined for specific Workgroups/Users as a one-time exercise. This takes effect automatically when a User belonging to a particular Workgroup accesses the Database Objects.

For example: Assume that the Employees Table is set with only Read Data permission for Group-A Workgroup.  When a User belongs to Group-A opens the Employees Form with the Employees Table as Record Source or opens the Table directly, he cannot execute Update/Insert/Delete Data operations on the Table. 

But, if we want to make this scenario a little more flexible like allowing for Update data, then this can be enabled in the User and Group Permissions Control under the Security option in the Tools Menu.

In this case, all Users belonging to Group-A Workgroup can Edit and Update all Data Fields of the Employees Table.  Normally, Users are never allowed to open Tables directly, but through Data Entry/Edit/Display Forms, allowing the Developer more control over the Users.

When we assign Update Data permission all data fields can be modified/updated by Users.  But, if we want to prevent the Users, from making changes to certain fields of data; it cannot be done through the normal security methods explained above.

Field-Level Security Implementation.

This level of security can be implemented only through Visual Basic Programs.  This method can be implemented in the following way:

  1. When the Employee Form is open by the User for normal work, we can get the User Name through the CurrentUser() Function.

  2. The next step is to check whether this User belongs to the Group-A Workgroup or not.

  3. If so, then lock the Birth Date and Hire Date fields on the Form, so that the current user is prevented from making changes to these two field values.

We need two programs to try out this method:

  1. A Function to check and confirm whether the User Name passed to it belongs to a particular Workgroup, if so send a positive signal back to the calling program.

  2. If the user is identified as a member of the Group-A Workgroup then the Birth Date and Hire Date data fields are locked on the Form through the Form_Load() Event Procedure so that the current user cannot edit the contents of these fields.

  3. If the user belongs to some other Workgroup then the above fields are unlocked and allowed to edit/update.

The Demo Run.

To try this out:

  1. Import the Employees Table and Northwind.mdb

  2. Open an existing Standard VBA Module or create a new one.

  3. Copy and paste the following Visual Basic Code into the Module and save it:

    Public Function UserGroupCheck(ByVal strGroupName As String, ByVal strUserName As String) As Boolean
    Dim WrkSpc As Workspace, Usr As User
    
    On Error GoTo UserGroupCheck_Err
    
    Set WrkSpc = DBEngine.Workspaces(0)
    
    For Each Usr In WrkSpc.Groups(strGroupName).Users
    If Usr.Name = strUserName Then
        UserGroupCheck = True
        Exit For
    Else
        UserGroupCheck = False
    End If
    
    Next
    
    UserGroupCheck_Exit:
    Exit Function
    
    UserGroupCheck_Err:
    MsgBox Err.Description, , "UserGroupCheck_Err"
    Resume UserGroupCheck_Exit
    
    End Function
  4. Open the Employees Form in Design View.

  5. Display the Form's VBA Module (View - -> Code).

  6. Copy and paste the following code into the VBA Module and save the Form:

    Private Sub Form_Load()
    Dim strUser As String, strGroup As String, boolFlag As Boolean
    
    strUser = CurrentUser
    strGroup = "GroupA" 'replace the GroupA value with your own test Group Name
    boolFlag = UserGroupCheck(strGroup, strUser)
    
    If boolFlag Then
       Me.BirthDate.Locked = True
       Me.HireDate.Locked = True
    Else
       Me.BirthDate.Locked = False
       Me.HireDate.Locked = False
    End If
    
    End Sub
  7. Open the Form in Normal View.

  8. Try to change the existing values in the Birth Date and Hire Date Fields.

If the Current User name belongs to the Workgroup name you have assigned to the strGroup Variable then the Birthdate and HireDate fields will be in the locked state.

Tip: Even if your database is not implemented with Microsoft Access Security you can test these programs. Assign the value Admins to the strGroup variable in the above Subroutine. By default, you will be logged in as Admin User, as a member of the Admins Workgroup. This will lock both the above test fields from editing when the Employees Form is open.

Technorati Tags:
Share:

No comments:

Post a Comment

Comments subject to moderation before publishing.

PRESENTATION: ACCESS USER GROUPS (EUROPE)

Translate

PageRank

Post Feed


Search

Popular Posts

Blog Archive

Powered by Blogger.

Labels

Forms Functions How Tos MS-Access Security Reports msaccess forms Animations msaccess animation Utilities msaccess controls Access and Internet MS-Access Scurity MS-Access and Internet Class Module External Links Queries Array msaccess reports Accesstips WithEvents msaccess tips Downloads Objects Menus and Toolbars Collection Object MsaccessLinks Process Controls Art Work Property msaccess How Tos Combo Boxes Dictionary Object ListView Control Query VBA msaccessQuery Calculation Event Graph Charts ImageList Control List Boxes TreeView Control Command Buttons Controls Data Emails and Alerts Form Custom Functions Custom Wizards DOS Commands Data Type Key Object Reference ms-access functions msaccess functions msaccess graphs msaccess reporttricks Command Button Report msaccess menus msaccessprocess security advanced Access Security Add Auto-Number Field Type Form Instances ImageList Item Macros Menus Nodes RaiseEvent Recordset Top Values Variables Wrapper Classes msaccess email progressmeter Access2007 Copy Excel Export Expression Fields Join Methods Microsoft Numbering System Records Security Split SubForm Table Tables Time Difference Utility WScript Workgroup database function msaccess wizards tutorial Access Emails and Alerts Access Fields Access How Tos Access Mail Merge Access2003 Accounting Year Action Animation Attachment Binary Numbers Bookmarks Budgeting ChDir Color Palette Common Controls Conditional Formatting Data Filtering Database Records Defining Pages Desktop Shortcuts Diagram Disk Dynamic Lookup Error Handler External Filter Formatting Groups Hexadecimal Numbers Import Labels List Logo Macro Mail Merge Main Form Memo Message Box Monitoring Octal Numbers Operating System Paste Primary-Key Product Rank Reading Remove Rich Text Sequence SetFocus Summary Tab-Page Union Query User Users Water-Mark Word automatically commands hyperlinks iSeries Date iif ms-access msaccess msaccess alerts pdf files reference restore switch text toolbar updating upload vba code