I am replacing a current application for our HR group. The current application is written such that HR has full access but supervisors can access the UI interface to view specific data about employees who work for them. They do not have the ability to see everything on the form(s) and they cannot update any information (there might be an exception as they may be able to update evaluation information.)
The question I have is what is the consensus on how this should be designed. They current application hides framse containing controls and specific controls that are not on frames in code based on a global variable used to determine if the user has R/O access. I am considering putting all the code in the business objects. The form would remain in-tact but any information they are not allowed access to view, the business logic would just return null strings based on this global property. I would also reject any attempt to update the business objects by exiting any Property Let methods, also based on the value of the global property. The only indicationn on the form may be a label that I show indicating "Limited Read-Only Access"
Feedback? No coding skills required.