Quick clarification about user level security 1

[ajaeger]

Let's say I have a query called qryDEF and it's defined as:

Select qryABC.ID, qryABC.NAME from qryABC

If user "Membership" has read access on qryDEF, but no access to qryABC, can they read qryDEF even though it's based on qryABC?

Thanks.


Anna Jaeger
iMIS Database Support

http://www.axcedesolutions.com

 

[SgtJarrow]

Haven't lloked at this in a long while...but there is a property for a query that is called "Run Permissions". There are two options: owner and user.

By leaving it at owner, the query will run based on the permissions of the owner of the query, usually the creator or Admin.

If you change it to user, the permissions are based on what permissions that user has...which you have usually defined in your security model.

So, if the query qryDEF has user level permissions, and the qryABD has owner permissions, as long as the owner permissions have rights to qryABC, the users SHOULD be able to see the data from qryABC via qryDEF.

=======================================
People think it must be fun to be a super genius, but they don't realize how hard it is to put up with all the idiots in the world. (Calvin from Calvin And Hobbs)

Robert L. Johnson III
CCNA, CCDA, MCSA, CNA, Net+, A+, CHDP
VB/Access Programmer

 

[ajaeger]

Thanks! Adding "WITH OWNERACCESS OPTION" to the end of my queries allowed me to restrict access to the underlying tables.

Anna Jaeger
iMIS Database Support

http://www.axcedesolutions.com