Lazy security (resolved)

[Oliver1]

Hopefully somebody might be able to help. We currently have an access database using Access Forms and VBA as a front end. Rather than go through the trouble of implementing user level security, what I would really like to do is find out what the users windows login name is, so on certain button clicks I could do a simple if statment check, eg

If Windows username = "Oliver" then
DoCmd.RunSQL (insertsql)
end if

This is not for security purposes, so I don't care that it is insecure, it's more to stop less able staff accidentally clicking on buttons they shouldn't.
I'm open to alternative sugestions.
Hope someone can help

[salvelinus]

Access allows you to set user permissions for the various database objects under Tools - Security. This wouldn't disable a button on a form, but you could disable the form itself, or set it read only, etc, for a particular user, or disable running the query, report, whatever under the click event.
If that's not what you want, you can use an API call to get the logged in username and allow/disallow using that. If you have a large group of non allowed users, and a similar one of allowed users, it could be cumbersome to check all the names in code, especially if the permissions are mixed. Not to mention that everytime permissions change, you'd have to go back & change the code.
You could have a user table with a field for every affected control and check the user name against their permissions in that, But I'd hate to maintain it.
Anyway, here's a link on the API call.

[Calibra]

Salvinus is partly right, it's can be done on an easy way.

Just create an extra tabel with the username (login name) and an acces level (just an number)
at startup find the username in the table that matches the login name and save the number to an global variable.

And use this number as an acces check for click events.

lest say:

select case glbSomeNumber
case 100
DoCmd.RunSQL (insertsql)
case 1
msgbox "do not click this ;-)"
case else
exit sub
end select
end if

this way you only have to use the login name in the table and you can use the numbers in youre code.

[salvelinus]

If I read Oliver1's post correctly, it sounds like each user, or groups, anyway, would or would not have access to individual controls. In that case, he'd need a field in the table for each control. If there are just a few groups that shared the same access rights, he could use an access level number, but if most people have their own access rights, he'd either need a field for each control or have pretty big if or select statements if there's more than a few people using the app.

[Oliver1]

Have had a quick play and have got the API to work. Thanks for your help, and should hopfully be able to implement some lazy security now )
Cheers