Wrox Programmer Forums
| Search | Today's Posts | Mark Forums Read
Access Discussion of Microsoft Access database design and programming. See also the forums for Access ASP and Access VBA.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Access section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
  #1 (permalink)  
Old January 31st, 2005, 12:41 PM
Friend of Wrox
  
Join Date: Sep 2003
Location: Salisbury, Wiltshire, United Kingdom.
Posts: 155
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to leehambly
Default User and Group Persmissions
Hi all,

Maybe a simple solution to this is out there, would be nice if it is...

I have a secure (Access security secure) mdb with mdw. I would like to be able to establish the permissions by Group (and then by User) for each and every tbl, qry, frm, rpt and mcr in the database. This is with a view to creating a hard-copy support document, for the "unlikely" event that the whole thing falls over. I have been able to get the User and Group set ups from the mdw, but where exactly are the permissions for each object stored? I've looked everywhere and can't see it anywhere.

Obviously it would have been nice to have documented this as I developed it, but I never developed the damned thing, and the developer never documented it either... tsk! And my last resort, after this, is that 'orrible lil security window with all its fiddly lil non copy and pasteable controls! Oh joy... any help out there? Someone must have had to do this before???

Cheers and look forward to hearing your suggestions...

Lee
  #2 (permalink)  
Old February 1st, 2005, 12:35 AM
Friend of Wrox
  
Join Date: Jun 2003
Location: , , USA.
Posts: 1,093
Thanks: 1
Thanked 12 Times in 11 Posts
Default
Hi Lee,

Sorry to be the bearer of ill news, but I believe (though will gladly stand corrected) that you are stuck with "that 'orrible lil security window with all its fiddly lil non copy and pasteable controls", aka, the User and Group Permissions dialog. That's the only Access interface element that can report user permissions on objects granted above and beyond, or in lieu of, group permissions. And I don't think custom user permissions can be got at via code. The DAO security object model isn't rich enough, and while the ADOX object model has a GetPermissions method for the User's collection, practically speaking it can only list permissions granted on tables (no other app objects). Even then GetPermissions returns a single long integer value which needs to be interpreted in hexadecimal format, then compared against the ADOX rights enum. For instance, if Jane Doe has read data and read design permissions on tableA, code like:

lngPerm = cat.Users("Jane Doe").GetPermissions("tableA", adPermObjTable)

returns -2147482624 which is the equivalent of hex FFFFFFFF80000400 (you have to do the math). So you go to the ADOX rights enum, see that adRightRead = &H80000000 and adReadDesign = &H400, and that the combination of these two constants yields decimal -2147482624. Pretty ugly. Adding a few more rights adds a few more constants and the math gets really weird.

Look at the bright side though: maybe I'm just dead wrong and someone out there has the well kept secret. Also seen some third-party freeware clones of "that 'orrible lil security window with all its fiddly lil non copy and pasteable controls" but couldn't google 'em. Check around.

Maybe you got lucky and all the users in your db inherited their rights from the groups they belong to, i.e. the Permissions check boxes in the Users and Group Permissions dialog are all unchecked. Then you would know what permissions are granted on all of your db objects based on what the Groups are allowed to do. SImplifies things a little.

HTH,

Bob


Similar Threads
Thread Thread Starter Forum Replies Last Post
Could we get a User Group Forum for Culminis UGs? tvanderkooi Forum and Wrox.com Feedback 4 July 15th, 2010 06:12 AM
The user or group name 'BUILTIN\Administrators' is woojtii Reporting Services 0 June 15th, 2006 12:07 PM
Add User to group - Active Directory anurag_ur C# 0 January 16th, 2006 09:13 AM
Add User to group - Active Directory anurag_ur ASP.NET 1.0 and 1.1 Basics 0 January 16th, 2006 09:13 AM
Cheking if a user belong to a group marino22 VBScript 3 November 21st, 2005 08:58 AM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.