If I had to guess, I'd say that there are thousands of different ways to
handle this. In the past, I've used several different methods depending on
my needs at the time. The simplest method of controlling access is to check
whether someone has enough security to see a screen or not before you run
the form such as:
if vartype(glAdmin) = 'U'
glAdmin = .t.
endif
if glAdmin
do form sys_system with .t.
else
thisform.utilities.msgbox('You do not have Administrator Rights to
this screen!','FATALERROR')
endif
* glAdmin is a global flag set when the user logs in to determine their
access rights.
However, because you mentioned a security level system, I remembered having
a similar setup with one of my clients. Each user has a security level set
between 0 and 10 where 0 is a very basic user with access to only a few
things and 10 is Admin level which has access to everything.
We have a table that stores a list of all forms and the minimum security
level necessary to even open the form and if the user meets the minimum
security level the form opens.
In the INIT of forms, we call a method to enable or disable fields or
buttons depending upon the specifics that take place within the form.
If I had it to do over again, I'd probably try to ditch the table with the
list of forms as I believe I could accomplish the same thing using the Load
method to check the user security before the form init. I have done
something similar in the past using code similar to what I show above.
I'd be interested in hearing from others in how they would handle that.
Paul H. Tarver
-----Original Message-----
From: ProfoxTech [mailto:[email protected]] On Behalf Of Ajoy
Khaund
Sent: Monday, May 14, 2018 12:29 AM
To: [email protected]
Subject: Application User Level Access
Hi All,
In my applications I have added a user table where there will be field to
define the user level.
Level - 1 Admin: can add users and has access to all
Level - 2 Manager - cannot add user but has access to all others
Level - 3 Operator - can add transactions but cannot create masters (eg.
add/edit a customer)
Now in the master entry forms in the Add & Edit button I can put some code
to prevent
Level 3 users from adding or editing.
I want Level - 3 users to be able to view the masters. So for them add &
edit button will be disabled
or some code will b there to tell them they have no access.
Is there a better way?
Any ideas which u are implementing are welcome.
--
Regards,
Ajoy Khaund
Neamati Road
Bhogdoi Mukh
Jorhat 785001
Assam, India
Tel: 91-376-2351288
Cell: 91-94350-92287
Mail: [email protected]
Mail: [email protected]
http://teaanalyst.blogspot.com/
"Walking on water and developing software from a specification are easy if
both are frozen."
- Edward V. Berard, "Life-Cycle Approaches"
--- StripMime Report -- processed MIME parts ---
multipart/alternative
text/plain (text body -- kept)
text/html
---
[excessive quoting removed by server]
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox
OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message:
http://leafe.com/archives/byMID/profox/[email protected]
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
