I am having a problem trying to create data protection on a form. I am trying to create Edit, Add, Update features on the form, because users are accidentally editing information in a table. However I want to be able to disable the "Edit" command button if the user does not have more than "Read Data" permissions on the underlying table. However, when I test the permissions for the test user it I get a return from AllPermisions saying that the user has permissions he doesn't have.
?(currentdb.Containers("tables").Documents(me.recordsource).AllPermissions and dbSecInsertData) = dbSecInsertData
If I then put in the immediate pane -> me.RecordsetClone.addnew I get an error.
?"err - " & err & " [" & err.Description & "]"
err - 3033 [You do not have the necessary permissions to use the 'tblParticipants' object. Have your system administrator or the person who created this object establish the appropriate permissions for you.]
my test user is a member of only two groups Users (required) and MyDatabaseUsers. I have created a new database under a user named MyDatabaseOwner and have removed all permissions for all the tables from Admin and Users. I have given only Read Data (which also requires Read Structure) permission to MyDatabaseUsers.
All the security is in the backend with the tables at the moment. In the form that uses a table in the backend with group permissions set to read data for the MyDatabaseUsers account I stop the code using a timer after the form is loaded.
My understanding is that AllPermissions returns a long of all the permissions inherited from the groups, but there are only two groups; one with no permissions and one with only read permissions. What am I doing wrong?