Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Centralizing permissions

Status
Not open for further replies.
TonyKhela

TonyKhela

Technical User
May 7, 2002
157
GB
Hi All,

We have a web based Intranet system, which inserts/updates records in a database. The flow is:
1. Webpage1 has 4 buttons.
2. If you click on button1 it goes to a form which you fill in and subimit.
3. On submit, it runs an asp script to insert the record.

The problem is that if the user does not have permissions to insert then an error is returned.

I want to establish that the user does not have permissions up front, at Step 1, when you click on the Button1.

The users are internal & all log into NT. SQL server is configured with 'Windows Only' authentication mode.

So I thought that if we pick up the Windows 2000 username and groups that the user belongs to; and then compare with the permissions in the db (master..sysxlogins and DB1..sysuser & DB1..sysprotects) then we should be able to evaluate if the user WILL get the error and handle the error here.

Can anyone suggest a solution?
All help appreciated.
Thanks TK










 
Sort by date Sort by votes
Try using a stored procedure for your insert. Do not use dynamic sql and give the stored procedure the rights to do your insert.
Or are you wanting to grant insert rights to all users who might need it?

Hope this helps.
 
Upvote 0 Downvote
Hi TK,
I've solved a similar problem using Active Directory groups - I have the network people add users to AD groups, then I check a user's group membership before I display a page or part of a page that they might use. IOW, they never see a page or links to a page that they don't have the rights to use. This is a pretty common problem with websites in general - you want to catch things up front before the DB can generate permissions errors.

I hadn't thought about checking the DB permissions. I only have one DB user login and role for each type of access needed, to keep management simple; I use SQL logins rather than NT authentication. If you use ASP checking the AD groups is quite easy.

Tim
 
Upvote 0 Downvote
Thanks Tim,
How do you check for the 'user's group membership'. Could you share some ASP code for that.
thanks
TK
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Ikatiemarie
  • Locked
  • Question
Sp_send_dbmail permissions issue
Replies
0
Views
260
Ikatiemarie
Ikatiemarie
lesleycampbell
  • Locked
  • Question
User Permissions to Refresh Power Query from Stored Procedure
Replies
1
Views
117
philhege
philhege
Auguy
  • Locked
  • Question
Table Permissions When Using Data Adapter From .Net
Replies
2
Views
127
Auguy
Auguy
kjv1611
  • Locked
  • Question
List Groups Along with Tables and Permissions 3
Replies
8
Views
174
kjv1611
kjv1611
djj55
  • Locked
  • Question
Encryption permissions
Replies
0
Views
193
djj55
djj55

Part and Inventory Search

Sponsor

Back
Top