Solved

How to implement table level read /write user level access control in Access 2013 web app

Posted on 2015-01-06
3
254 Views
Last Modified: 2015-06-03
Hi

I am trying to implement a user level permission module in a Access Web App I am developing for a client. I have a very simple data model behind it. I have a table called App Functionality and then a one to many table called user permissions. i.e. user A has 4 permissions assigned to him. eg. load project, view projects, login to app and view projects dashboard. Its effectively a table level security model.

At present I have UI macro which can retrieve whether the current user (set using userdisplayname function on start-up). The macro takes two parameters (user, functionality). The idea is that any form can pass it those variables and then action the resulting CRUD permissions by setting the properties on controls (like add or edit list buttons) to disabled.

I have three questions;

Is this an "ok" method?
If so then what are the best actions in which to write the "lock down" logic. 'On Load' wont work. 'On Current' is not working completely either.
What other techniques are people using to bring good old fashioned user level access control to Access Web Apps? I can't find best practice on this (remember its not a desktop app, its a web app).


Thanks
James
0
Comment
Question by:james saulez
  • 2
3 Comments
 
LVL 84
ID: 40535329
Is this an "ok" method?
It's the only method. You have no VBA in the web model, so any interactions with the database must be handled through macros. Essentially, you read the table and determine what to do from there.

What do you mean by "OnLoad doesn't work"? I'd think that's the best action to use, but then you only have two Form-level actions: OnLoad and Oncurrent.

What other techniques are people using to bring good old fashioned user level access control to Access Web Apps
People aren't - in fact, people aren't really using Web Apps for much of anything other than very basic CRUD operations. Anything outside of that is very, very difficult to achieve - if it can be achieved at all.

Web Apps are the way Access is moving, to be sure, but they're still very much in their infancy. There have been quite a few advances in more recent version (2013), but they are far from ready-for-prime-time, at least in my opinion. If you need a robust, full-featured web application you should consider using something like ASP.NET, PHP, Java, etc instead.
0
 

Expert Comment

by:Frank Rupert
ID: 40579155
Another alternative is to use hybrid setup of Access 2013 Front Ends linking to SQL Azure in the cloud. This way you can use VBA to implement your user-level permissions, then you can distribute the front-end's to each of your users.
0
 
LVL 84

Accepted Solution

by:
Scott McDaniel (Microsoft Access MVP - EE MVE ) earned 500 total points
ID: 40581297
Linking to Azure can cause performance issues. In the two cases where I tried it, the application was so slow it was unusable, and this was a very simple CRUD app. Your mileage may vary, of course.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
In a previous video Micro Tutorial here at Experts Exchange (http://www.experts-exchange.com/videos/1358/How-to-get-a-free-trial-of-Office-365-with-the-Office-2016-desktop-applications.html), I explained how to get a free, one-month trial of Office …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question