467,081 Members | 990 Online
Bytes | Developer Community
Ask Question

Home New Posts Topics Members FAQ

Post your question to a community of 467,081 developers. It's quick & easy.

security: user level vs. group level

I have a user (john.doe) as a member of a group (MyGroup). I have
assigned group permission to view and run the queries of that db but
then when I log in with that user, I still can't access the queries.
However, when I change that individual user's permissions to allow
access to the queries it goes through fine and he can access it.

Don't understand what's going on here and certainly don't want to have
to assign indiv permission to every single user in the db. I would much
rather prefer the groups approach.

Thanks in advance for any advice or tips.

Angelo

Nov 13 '05 #1
  • viewed: 1595
Share:
1 Reply
"Angelo" <an*******@gmail.com> wrote in message
news:11*********************@g49g2000cwa.googlegro ups.com...
I have a user (john.doe) as a member of a group (MyGroup). I have
assigned group permission to view and run the queries of that db but
then when I log in with that user, I still can't access the queries.
However, when I change that individual user's permissions to allow
access to the queries it goes through fine and he can access it.

Don't understand what's going on here and certainly don't want to have
to assign indiv permission to every single user in the db. I would much
rather prefer the groups approach.

Thanks in advance for any advice or tips.

Angelo

The ability to assign permissions to groups rather than users is pretty
important and is used by all secured applications I have developed. I have
yet to come across an instance when this feature did not work as advertised.
You should remove all permissions from the account John Doe and remove him
from all groups but the Users group. He should not then be able to do
anything. Next, try adding him to the Admins group. Can he do all he
needs? If so, remove him from Admins and add him to MyGroup. If he can't
do what he needs to (as you say) then there is a problem with the
permissions for MyGroup.
Perhaps you are trying something more advanced like removing permissions to
read the table as a whole, but allow reading a query which selects only a
selection of the fields (or rows). If so, then you need to investigate
queries set as RWOP (read with owner permissions).
Nov 13 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

116 posts views Thread by Mike MacSween | last post: by
reply views Thread by Mark Broadbent | last post: by
5 posts views Thread by Norsoft | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.