Form Security Strategies any advice?

[jjme88]

Anyone got any good advice for handling form based security with ADP projects.

My scenario is such that Dependant on what domain user group a user is in (easy enough to establish) I want to allow;

Read Only; Write & Read; or Deny access to a particular form altogether.

Once in a form if the user has the right to 'Write' / change any data I need to limit what actions they can take based on a particular field in the window a 'Status' flag and the group the user is in.

Does anyone know a good resource or have some advice as to how best to do this.
jj

 

[jordanking]

what is your back end server?

If sql server, you can grant permissions to stored procedures and views at the server level based on windows groups.
Then ensure that all actions are taken "through" the SP's and data is displayed through calling Views. As a result, each form will only have the ability to call certain SP's which controls exactly what happens with each user.

(This falls apart if you have bound forms, which I don't suggest, unless you have a really good reason. Bound forms allow the user to adjust the data directly with much less security than if you do it yourself through unbound forms and SP's.)

Finally you can use the windows groups, access security, or an employee table to restrict access to certain forms which themselves have access to certain SP's.

At least that is what I do, someone may have a better solution.

.....
I'd rather be surfing