Solved

User permissions for an Access 2013 web app

Posted on 2014-10-01
14
1,372 Views
Last Modified: 2014-10-02
Built an Access web app.  All is well, with a lot of help.  Now that we're ready to go live, need to get a handle on permissions to the database.  The major permission settings are obvious, in the desktop access ability to close write connections, for example.

But what about to the app. views, themselves?

Using the notion of managing SharePoint document libraries for example, it is possible to grant unique permissions at the library level.  A user not having permissions to a library, simply doesn't get to see the library, even in search results.

What is possible then for the access web app.?  Obviously the best case would be to set unique user permission to manage privilege to the app.  When a user doesn't have privilege, they can not even see the app. views, just as in a SharePoint library.  What is possible?
0
Comment
Question by:VirtualKansas
  • 5
  • 4
  • 4
14 Comments
 
LVL 57

Expert Comment

by:Jim Dettman (Microsoft MVP/ EE MVE)
Comment Utility
<<What is possible? >>

 Caveat; I haven't done a web app yet.

 What I've heard from others though is that you have two choices:

1. Read-only for a user
2. Read-write for a user

  That's app wide and there's nothing else besides no Access at all.

  Any security you need will need to be built into the app.

Jim.
0
 

Author Comment

by:VirtualKansas
Comment Utility
The second source I tripped across suggested using macro's.  In a previous Q&A on change tracking, the OnUpdate macro was suggested as a solution to populate a field for the date/time of an update.  This did not work as it caused an infinite loop.  

What I found from a seriously helpful MSFT tech. support in Fargo ND of all places was to create a table to capture the change date/time and then present that table as a related control in the view and perfect.  Now keeps a running ledger of date/time changes to the table, where as desktop macro just updated the date/time to the latest.  Some downside in a maintenance shore cleaning the new table have to figure some automation for that, but the upside is great and solved the problem.

Now to apply the same logic, could we create a user table and use parameters to capture user account info. and only present views based on that info, using Parameters against the user table?  Possibly an OnClick for a control button?
0
 
LVL 57

Expert Comment

by:Jim Dettman (Microsoft MVP/ EE MVE)
Comment Utility
<<The second source I tripped across suggested using macro's.  >>

 Well that's all you have in Access Web Apps and is as I said; you'd have to build whatever security you want in the app itself.  There is nothing in the product nor in SharePoint that will help.

Jim.
0
 
LVL 57

Expert Comment

by:Jim Dettman (Microsoft MVP/ EE MVE)
Comment Utility
<<Now to apply the same logic, could we create a user table and use parameters to capture user account info. and only present views based on that info, using Parameters against the user table?  Possibly an OnClick for a control button? >>

 There's really not a whole lot to work with in web apps at the moment, which is one of the main reasons I haven't done any yet.   Any projects I've bumped into far exceed what's doable or easily doable in web apps at present.

 Hopefully Microsoft will expand their capabilities in the next release, but I'm not holding my breath.

Jim.
0
 
LVL 57

Assisted Solution

by:Jim Dettman (Microsoft MVP/ EE MVE)
Jim Dettman (Microsoft MVP/ EE MVE) earned 250 total points
Comment Utility
By the way, let's see if anyone else jumps in.  I strongly doubt anyone will however because hardly anyone here is doing web apps.

If no one does, then I'd like to delete this question.  I know what I offered is correct, but I don't feel like it really is giving you a good answer to your problem.

Jim.
0
 
LVL 75

Expert Comment

by:DatabaseMX (Joe Anderson - Access MVP)
Comment Utility
I've pinged Jeff Conrad at Microsoft to see if he can shed any light on this ...

mx
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 75

Accepted Solution

by:
DatabaseMX (Joe Anderson - Access MVP) earned 250 total points
Comment Utility
Here is the response I got from Jeff ... probably the most knowledgeable persons around on Access Web Apps:
====

Hi Joe,

If I’m understanding the customer’s question correctly, the Access web apps will inherit the same permissions from the site they are currently hosted within. So, for example, if you don’t have permissions to a site or subsite, if you attempted to browse to an Access web app within that site or subsite, you would see the exact same message that you would for other SharePoint content (like lists). The user would see the generic, “This site has not been shared with you…” It will be some variation of text like that. You wouldn’t see any part of the Access web app if you don’t already have permissions to the site or subsite the Access web is contained within.  If you have read-only permissions to the site, then users can view the app in the browser but they won’t be able to make data changes. If the user has read/write, they can view and make data changes.

You can’t use the SharePoint permissions to get more granular control over Access web apps such as on a per table basis. If you need greater control than that, you might be able to craft something together using macros.

Does that help?

Concerning the customer’s comment here…
“The second source I tripped across suggested using macro's.  In a previous Q&A on change tracking, the OnUpdate macro was suggested as a solution to populate a field for the date/time of an update.  This did not work as it caused an infinite loop.  ”

To not get into a recursive loop in that scenario, you just need to first use the “Update” function in the data macro logic to test to see the field hasn’t already been updated.

--
Jeff Conrad - Access Junkie
Senior Content Developer - Microsoft Office Content Development Team
"Access 2013 – Changing the world one app at a time."

====
0
 

Author Closing Comment

by:VirtualKansas
Comment Utility
Appreciate the follow through.  MSFT support has been very helpful, been going that route for most effort.  I get the gist of Jeff's response at the site level.  Am sure there is a more granular solution to add value in the app. itself, but looks like I'm on my own there.
0
 
LVL 75

Expert Comment

by:DatabaseMX (Joe Anderson - Access MVP)
Comment Utility
I highly recommend you get Jeff's Book Access 2013 Inside Out (Amazon - I reviewed the book) if you will be working will Access Web Apps.  I will be seeing Jeff in about 4 weeks at the MVP Summit in Redmond :-)

mx
0
 

Author Comment

by:VirtualKansas
Comment Utility
I have Access 2013 the missing manual by McDonald, which did have a great section on web apps.  Helped.  

Just bought: Professional Access 2013 Programming by Teresa Hennig (Author), Ben Clothier (Author), George Hepworth (Author), Dagi (Doug) Yudovich (Author)  Reported to have macro solutions for granular control over in app. views.  Will have it, next week.

Will add Jeff's to the collection.

TY
0
 

Author Comment

by:VirtualKansas
Comment Utility
BTW, tell Jeff he has great colleagues in Dennis from Fargo, ND and Kathy in Dallas, TX that are rooting through an unrelated issue for me.  Super helpful support.
0
 
LVL 75

Expert Comment

by:DatabaseMX (Joe Anderson - Access MVP)
Comment Utility
And that was the other book I have and was about to recommend also ... Teresa's book. I will be seeing (most) all of the authors also at the Summit.
The first 600+ pages of Jeff's book are devoted entirely to Web Apps ... and he has a load of real world 2013 Web Apps you can download and mess with.

Take care ...
mx
0
 
LVL 75

Expert Comment

by:DatabaseMX (Joe Anderson - Access MVP)
Comment Utility
Here is one more response from Jeff:
====

Hi Joe,

One of the main reasons you can’t get too fine of a control over the web app contents (like on a per table basis) is because the app itself is a complete SQL Azure database behind the scenes and we’re just using SharePoint to host the UI. A user could use SSMS and/or ODBC connections to directly add, edit, and delete data. In that scenario, SharePoint is really out of the picture there since you’re really only using the backend at that point. If you choose to try and craft something together using macros, you can get a little more control over the UI for users only using their web browser. It’s extra work though so you have to gauge whether the work is worth the effort.

For the two support engineers listed below, I’ve never met them personally because of their locations, but I’ve worked them very often on many issues in the past. I will make sure they hear about this feedback directly. I’m sure they’d like to hear this feedback.
====
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
Using examples as well as descriptions, and references to Books Online, show the documentation available for datatypes, explain the available data types and show how data can be passed into and out of variables.
In Microsoft Access, learn different ways of passing a string value within a string argument. Also learn what a “Type Mis-match” error is about.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now