I'm venturing into an unknown area and would like some advice as to what path I should take. I have a database that tracks our loans. Information like who the loan officer is and who the loan processor is are the key information here and is stored in tblLoans. The end goal is to have it so that each loan processor can only see the loans in tblLoans that they are assigned to and each loan officer can only see the loans in tblLoans that they are assigned to.
I would like to be able to use the username that was used to log into Windows as the filter so that I don't have to mess with storing passwords and so that the users won't have to remember another password. I do have a table of employees that stores the Windows username so that I can match them up and see what access they should have. My thinking is that I would have a form open when the database opens that would get the Windows user name and then find the match in the employees table (would also need something for if no match was found, but that will go in a different thread). Once the match is found, then it would get the employee position (Loan Officer or Loan Processor). Based on the employee position, the records would be filtered by either the LoanProcessor field or the LoanOfficer field (I'm not sure if this should be done through a filter in the form or through a query criteria. Help on this would be appreciated). Once this "splash" form has gotten the user information, it would close and open the home form.
I could also create two separate databases: one for loan officers and one for loan processors.
I'm not looking for any exact solution here, but more of a direction (possibly one that I haven't thought of). Once I have a direction, I can search online for how to do it and post in here (in different threads) if I get stuck.
***Edit***
I could have up to 20 (could grow later) users in this database at once. Should I look into putting the backend into either a MySQL or PostgreSQL database and do the permissions through the built-in features? I know Access lists that it can have up to 255 users connected at the same time, but all of the discussions that I have found say that Access gets really slow when there are a lot of users (undefined number) and that it really isn't built for this type of thing. 20 users is the about five times the number of users that I have ever designed for so I don't have any personal experience in what kind of performance issues Access would have.
There's very little to say Seth, other than to admonish you to avoid asking multiple questions in one thread ;-)
As far as the design is concerned what you are talking about seems solid. How and what you filter is just the details. The filtering can work on both Loan Officers and Loan processors, without too much complication. You may want to consider how you store the user ID. Sometimes, when the project crashes for instance, project level data is reset, but as long as you test for this before using you should be OK. That's another question anyway.
If you take the standard approach of a single BE (where all the data is actually stored) and multiple copies of the FE (the project) such that each user has their own copy, then things ought to work well enough as long as you code with multiple access in mind.
7  1556  NeoPa 32,556
Expert Mod 16PB
There's very little to say Seth, other than to admonish you to avoid asking multiple questions in one thread ;-)
As far as the design is concerned what you are talking about seems solid. How and what you filter is just the details. The filtering can work on both Loan Officers and Loan processors, without too much complication. You may want to consider how you store the user ID. Sometimes, when the project crashes for instance, project level data is reset, but as long as you test for this before using you should be OK. That's another question anyway.
If you take the standard approach of a single BE (where all the data is actually stored) and multiple copies of the FE (the project) such that each user has their own copy, then things ought to work well enough as long as you code with multiple access in mind.
The general idea of your approach is sound enough. A few things I wish to note though.
Performance wise I have had 30 users at a time doing heavy reading from a Access backend on a network share without issues.
Now that you start mentioning loans however, I would advice that you consider the safety of the data. SQL servers have more detailed user control built in, but they (imo) also have a steep learning curve. You need to at least consider the scenario of what would happen if a user got through to the backend, and manually changed the balance on a few loans?
If you need more control over what can be read, and especially over-written then I would consider if you need a different backend.
I'm not sure of you know about RCAC feature of DB2 10.1 LUW -not sure if it's already bundled with the express-C edition or not but don't think. I'm sure that any RDBMS that have such feature will be perfect for your case.
Before RCAC we were using an old trick. Create a view that query data for a specific user. Grant that user access to that view and revoke him access from the original table. Not sure if that would work in your case.
@NeoPa Apologies for the multiple questions. I guess my mine problem was knowing whether to use a filter or the WHERE clause in a query. Your answer gave me the answer that I needed on that and is much appreciated.
@Smiley Thanks for the performance info. As far as security, our core system takes care of the payment, balance, fees, etc. information. My database is just to track where it is in the process (waiting on the appraisor, who has the loan file, etc.). The biggest reason for the user access control is so that the loan processors can't see how many loan the other processors have been assigned and complain if they have a heavier load.
@Anas Mosaad I'm not sure what RCAC is. I quick google search came up with a ton of different things and a list of common acronyms didn't come up with anything that seemed to be related to databases.
RCAC = Row and Column based Access Control
Thanks Anas. I will look into it and post specific questions in a different thread.
Thanks everyone for your input.
I'm looking forward to your questions :)
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Me |
last post by:
Hi, I have an interesting need:
after merging dozens of databases on a large company IT environment,
we would like to know, over time, which objects of the 3 MDBs left are
most often used by...
|
by: Patrick |
last post by:
I'm working on a contact management application, and need a hand with one
aspect...
Here's what I want to create:
------------------------------------
A form split into two parts. There is a...
|
by: c676228 |
last post by:
Hi,
I guess I am confused. In aspx script, I mean (you won't use
Codebehind="enrollinfo.aspx.vb", but mix code with html and code together)
You can access user control's property directly. Since I...
|
by: harry12 |
last post by:
Hello-
I'm fairly new at using Microsoft Access and I'm having trouble getting a couple of things to work in my database.
The first is that I have yet to find a way to get an append query to...
|
by: Sid |
last post by:
I hope somebody could help me with this.
I have a access database which includes some forms, queries and
tables. Once I upload it on to the office network, I was hoping if I
could set up...
|
by: tahseenm |
last post by:
Just want to know I created a database and created a form and I give access to certain user to get in and add the stuff. For example If I am adding a record or changing something in that record and...
|
by: G04 |
last post by:
Hi All,
I have a continuous form with all records. For each field there is a combo in the form header and the form also contains a Toggle button "Apply Filter".
When clicked, it changes to...
|
by: hotflash |
last post by:
Hi All,
Can someone please tell me if there is a GOOD ASP script out there that allows the admin to keep track of the MS Access User Activities? Thanks for your help.
|
by: =?Utf-8?B?Qkw=?= |
last post by:
I am in a problem to access user control(.ascx) on a .aspx page
the following is my scenario
I have following directory structure -
Autoboom
- workshop
-- WSFirst
-showroom
|
by: matthardwick |
last post by:
I have a form that has lots of sub forms on it. The user shouldn't be editing the information that isn't part of the sub forms, and the fields are locked... but when a user presses return/enter -...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |
