Hi Lee,
Sorry to be the bearer of ill news, but I believe (though will gladly stand corrected) that you are stuck with "that 'orrible lil security window with all its fiddly lil non copy and pasteable controls", aka, the User and Group Permissions dialog. That's the only Access interface element that can report user permissions on objects granted above and beyond, or in lieu of, group permissions. And I don't think custom user permissions can be got at via code. The DAO security object model isn't rich enough, and while the ADOX object model has a GetPermissions method for the User's collection, practically speaking it can only list permissions granted on tables (no other app objects). Even then GetPermissions returns a single long integer value which needs to be interpreted in hexadecimal format, then compared against the ADOX rights enum. For instance, if Jane Doe has read data and read design permissions on tableA, code like:
lngPerm = cat.Users("Jane Doe").GetPermissions("tableA", adPermObjTable)
returns -2147482624 which is the equivalent of hex FFFFFFFF80000400 (you have to do the math). So you go to the ADOX rights enum, see that adRightRead = &H80000000 and adReadDesign = &H400, and that the combination of these two constants yields decimal -2147482624. Pretty ugly. Adding a few more rights adds a few more constants and the math gets really weird.
Look at the bright side though: maybe I'm just dead wrong and someone out there has the well kept secret. Also seen some third-party freeware clones of "that 'orrible lil security window with all its fiddly lil non copy and pasteable controls" but couldn't google 'em. Check around.
Maybe you got lucky and all the users in your db inherited their rights from the groups they belong to, i.e. the Permissions check boxes in the Users and Group Permissions dialog are all unchecked. Then you would know what permissions are granted on all of your db objects based on what the Groups are allowed to do. SImplifies things a little.
HTH,
Bob
|