I'm working on the security portion of this vb app. In the application the
user is presented with a list of commands that can be executed on a piece of
data.
My client wants to be able to block certain users from seeing certain
commands on their screen.
The commands are loaded into a listview from a table.
I've created a role for each combination of command/province(A user may be
able to execute a command on an Ontario piece of data but not a Quebec
piece).
I just modified the query that loads the list box so that it includes an
IS_Member with the command/province combination.
The roles were easy to create(sql query to create the sp_addrole commands).
And the query modifications were easy as well. Is_Member barely affects
query times(very fast).
I've also created roles that contain these roles so a user only has to be
added to one role to get access to large groups of commands.
I may have one problem though. I've created hundreds of roles on the
server. Is that a problem? Can anyone tell me if there's a better way of
doing this?
Thanks in advance.
J
P.S. The application has just under 500 users and is going to hit 1000 in a
couple of years.