Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Preventing users from creating objects 1
- Thread starter shaunacol
- Start date
-
1
- #2
Here's a sample for tables. Modify it as you need for
other objects and don't forget to build in error checking.
Sub NoObjects(strGroupToProhibit)
Dim db As Database
Dim con As Container
Dim strSystemDb As String
'obtain name of system file
strSystemDb = SysCmd(acSysCmdGetWorkgroupFile)
Set db - CurrentDb
Set con = db.Containers("Tables"
Con.UserName = strGroupToProhibit
con.Permissions = con.Permissions and Not dbSecDBCreate
End Sub
Steve King
other objects and don't forget to build in error checking.
Sub NoObjects(strGroupToProhibit)
Dim db As Database
Dim con As Container
Dim strSystemDb As String
'obtain name of system file
strSystemDb = SysCmd(acSysCmdGetWorkgroupFile)
Set db - CurrentDb
Set con = db.Containers("Tables"
Con.UserName = strGroupToProhibit
con.Permissions = con.Permissions and Not dbSecDBCreate
End Sub
Steve King
MichaelRed
Programmer
Interesting. I had not thought of this approach. I always use the group permissions, which is generally easier for me as I have MANY more users than groups.
MichaelRed
redmsp@erols.com
There is never time to do it right but there is always time to do it over
MichaelRed
redmsp@erols.com
There is never time to do it right but there is always time to do it over
- Thread starter
- #4
MichaelRed
Programmer
Steve's approach is still the way to go. You just need to modify it to address the group permissions, as opposed to the User's individual permissions.
ALL user permissions should essientially be DIABLED. They should ONLY hav 'permissions' derived from their group memberships.
Generally speaking, the groups's need to be rather narow and specific.
Usually at least one group which can do little or nothing except "run' the canned reports and possibly view forms (but not edit them or add new data).
Another, a group which may edit data. Nothing else. These (where necessary) may also belong to to the group which may 'run' stuff.
Another for Programmers. Most permissions. May also be in 'run' &/or 'edit'
MichaelRed
redmsp@erols.com
There is never time to do it right but there is always time to do it over
ALL user permissions should essientially be DIABLED. They should ONLY hav 'permissions' derived from their group memberships.
Generally speaking, the groups's need to be rather narow and specific.
Usually at least one group which can do little or nothing except "run' the canned reports and possibly view forms (but not edit them or add new data).
Another, a group which may edit data. Nothing else. These (where necessary) may also belong to to the group which may 'run' stuff.
Another for Programmers. Most permissions. May also be in 'run' &/or 'edit'
MichaelRed
redmsp@erols.com
There is never time to do it right but there is always time to do it over
- Status
Similar threads
- Locked
- Question
- Locked
- Question