Thanks doing something similar. Ok I was thinking of a table with the list
of forms also but now my mind is free.
On Mon, May 14, 2018 at 8:01 PM, Paul H. Tarver <p...@tpcqpc.com> wrote:
> If I had to guess, I'd say that there are thousands of different ways to
> handle this. In the past, I've used several different methods depending on
> my needs at the time. The simplest method of controlling access is to check
> whether someone has enough security to see a screen or not before you run
> the form such as:
>
> if vartype(glAdmin) = 'U'
> glAdmin = .t.
> endif
>
> if glAdmin
> do form sys_system with .t.
> else
> thisform.utilities.msgbox('You do not have Administrator Rights to
> this screen!','FATALERROR')
> endif
>
> * glAdmin is a global flag set when the user logs in to determine their
> access rights.
>
> However, because you mentioned a security level system, I remembered having
> a similar setup with one of my clients. Each user has a security level set
> between 0 and 10 where 0 is a very basic user with access to only a few
> things and 10 is Admin level which has access to everything.
>
> We have a table that stores a list of all forms and the minimum security
> level necessary to even open the form and if the user meets the minimum
> security level the form opens.
>
> In the INIT of forms, we call a method to enable or disable fields or
> buttons depending upon the specifics that take place within the form.
>
> If I had it to do over again, I'd probably try to ditch the table with the
> list of forms as I believe I could accomplish the same thing using the Load
> method to check the user security before the form init. I have done
> something similar in the past using code similar to what I show above.
>
> I'd be interested in hearing from others in how they would handle that.
>
> Paul H. Tarver
>
>
> -----Original Message-----
> From: ProfoxTech [mailto:profoxtech-boun...@leafe.com] On Behalf Of Ajoy
> Khaund
> Sent: Monday, May 14, 2018 12:29 AM
> To: profoxt...@leafe.com
> Subject: Application User Level Access
>
> Hi All,
>
> In my applications I have added a user table where there will be field to
> define the user level.
>
> Level - 1 Admin: can add users and has access to all
> Level - 2 Manager - cannot add user but has access to all others
> Level - 3 Operator - can add transactions but cannot create masters (eg.
> add/edit a customer)
>
> Now in the master entry forms in the Add & Edit button I can put some code
> to prevent
> Level 3 users from adding or editing.
>
> I want Level - 3 users to be able to view the masters. So for them add &
> edit button will be disabled
> or some code will b there to tell them they have no access.
>
> Is there a better way?
> Any ideas which u are implementing are welcome.
>
>
> --
> Regards,
>
> Ajoy Khaund
> Neamati Road
> Bhogdoi Mukh
> Jorhat 785001
> Assam, India
>
> Tel: 91-376-2351288
> Cell: 91-94350-92287
> Mail: akha...@hotmail.com
> Mail: akha...@gmail.com
> http://teaanalyst.blogspot.com/
>
>
> "Walking on water and developing software from a specification are easy if
> both are frozen."
> - Edward V. Berard, "Life-Cycle Approaches"
>
>
> --- StripMime Report -- processed MIME parts ---
> multipart/alternative
> text/plain (text body -- kept)
> text/html
> ---
>
[excessive quoting removed by server]
_______________________________________________
Post Messages to: ProFox@leafe.com
Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox
OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message:
http://leafe.com/archives/byMID/profox/CAPs4RvUuJEUD8V0hu4Bb1ursqMYrZ=2zmrmiak4_knghh1j...@mail.gmail.com
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
