I hope I can explain this clearly.
I have this database that calculates Bids for construction jobs. You log
in, (login id and password) select a project, go into that project and
create a "bid" where they can add items that will be needed for construction
(2x4, 4x4, nails, etc). They have the ability to create multiple versions
of the bid on each project.
At this point everyone has access to every project, as this is necessary.
General users have read/write access to add/edit/remove bids and items from
bids, they do not have the ability to change the project list or the list of
items to choose from. Admins have the ability to do everything (including
add/remove projects and Items from the master list). Finally, there is
"read only" for those who only need to print the bids.
But what they've asked is, can I set up security somehow so that if User Joe
creates Bid on XYZ project and creates versions and adds items that ONLY
User Joe can go in and delete items or Versions that he created. Likewise
UserJane can only view Joe's versions but cannot delete them. BUT, User
Joe's Secretary may be tasked with doing the data entry for the items, so
she will log in as herself but access the project and add
Currently there are 20,000 available projects and there isn't anything
stating which user controls which project. All users may potentially work
on a project.
There are also over 2000 items to choose from when creating a bid.
Secretaries could have access to add/remove items from a bid, but not have
access to add/remove bids.
Contractors could have access to add/remove items from their bid, but not
someone elses. Likewise for version of a bid or bids themself.
Is this something that is possible to do and where might I begin to look to
learn how to do something like this?
1  1937 
It's possible, but sounds like it might be a bit of an undertaking. I assume
you are using the Access User Level security model. If so, you could add a
field to the necessary tables and store the user name of the CurrentUser.
Then you would need to put code behind your data entry forms to give the
various groups you set up different kinds of access. The code you need is in
the Security FAQ. There is a link to it on the Security page of my website.
--
Lynn Trapp
MS Access MVP www.ltcomputerdesigns.com
Access Security: www.ltcomputerdesigns.com/Security.htm
"JayJay" <jj****@notmail .com> wrote in message
news:bj******** ****@ID-87431.news.uni-berlin.de... I hope I can explain this clearly.
I have this database that calculates Bids for construction jobs. You log
in, (login id and password) select a project, go into that project and
create a "bid" where they can add items that will be needed for
construction (2x4, 4x4, nails, etc). They have the ability to create multiple
versions of the bid on each project.
At this point everyone has access to every project, as this is necessary.
General users have read/write access to add/edit/remove bids and items
from bids, they do not have the ability to change the project list or the list
of items to choose from. Admins have the ability to do everything
(including add/remove projects and Items from the master list). Finally, there is
"read only" for those who only need to print the bids.
But what they've asked is, can I set up security somehow so that if User
Joe creates Bid on XYZ project and creates versions and adds items that ONLY
User Joe can go in and delete items or Versions that he created.
Likewise UserJane can only view Joe's versions but cannot delete them. BUT, User
Joe's Secretary may be tasked with doing the data entry for the items, so
she will log in as herself but access the project and add
Currently there are 20,000 available projects and there isn't anything
stating which user controls which project. All users may potentially work
on a project.
There are also over 2000 items to choose from when creating a bid.
Secretaries could have access to add/remove items from a bid, but not have
access to add/remove bids.
Contractors could have access to add/remove items from their bid, but not
someone elses. Likewise for version of a bid or bids themself.
Is this something that is possible to do and where might I begin to look
to learn how to do something like this?
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Olaf Baeyens |
last post by:
Can someone out there point me to a URL or other reference how to use these
security stuff in .NET?
I know everything can be found online on the msdn but since I am new to this
security stuff, I have a very hard time to find the correct page in the
zillions of abstract pages talking about this topic.
One of the problems is this:
I can find information about FileIOPermission here:
|
by: craig |
last post by:
I am working on my first .NET development project that involves custom
role-based security per the project requirements. This lead to a general
design issue this week that really caused us some concern. I have described
the situation below because we are very curious to see what other, more
experienced, developers might suggest. The specific classes and fields are
used just to illustrate the concepts.
Our application uses role-based...
|
by: rjames.clarke |
last post by:
I am developing an online application and the last thing I need to get
a handle on is security.
This app is very heavy with forms. Business critical data will be
entered via forms and inserted in to a database (mysql).
I've google "php security" and from what I've read, I should:
1) Filter all form data by stripping all non-alpha/numeric characters
out,
|
by: Mike MacSween |
last post by:
S**t for brains strikes again!
Why did I do that? When I met the clients and at some point they vaguely
asked whether eventually would it be possible to have some people who could
read the data and some who couldn't but that it wasn't important right now.
And I said, 'sure, we can do that later'.
So now I've developed an app without any thought to security and am trying
to apply it afterwards. Doh!, doh! and triple doh!
|
by: Mark |
last post by:
All,
I know this topic has been covered many times, but this particlar
question is of a subject which I am just learning (VB). Once I have
established what is possible, the individual will be approached and possibly
disciplined but I wanted to get the lowdown first.
Background:
FE/BE on LAN. XP platform with office XP.
I am using Access security (for group permissions e.g. no read on any of the
| | |
by: cs5b |
last post by:
I am looking for the official javascript security specification for web
browsers. EMCAScript and DOM spec does not seem to contain a section on
security, so I assume none exists and the security policies are
implemented as the vendor pleases. If so, do security specs for IE and
Mozilla exist?
Any pointers would be greatly appreciated.
Christian
|
by: nancy |
last post by:
I am new to PHP but have done other programming
can someone please hold my hand and slowly talk me through some simple
security issues?
I have seen in PHP documents that there are 'strip slashes' commands and
so on but I dont understand where the security issues actually are.
i am writing some scripts that will shell out and call different linux
shell programs such as 'ls' or 'grep' or 'sed' and so on and possibly
update a 'mysql'...
|
by: smjawad |
last post by:
Hi,
I am developing a system on which multiple front-end kiosks machines
will be connected to a central server. I am being asked for the
authentication mechanism for the machines, like how will the central
server authenticate the machines on the network. IP authentication or
password authentication is too simple for them. I thinking more on
the lines of some sort of digital certificates. But I have seen them
run
on servers, never on...
|
by: Earl Anderson |
last post by:
First, I feel somewhat embarrassed and apologetic that this post is lengthy,
but in an effort to furnish sufficient information (as opposed to too little
information) to you, I wanted to supply all of the relevant facts. Second,
despite the fact that I think the obvious 'quick' answer to my question
would be 'Yes', I am seeking your wisdom and recommendation to the question
as to this particular set of circumstances.
I have 20 Security...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
