用户级别的安全性?
[英]User level security?
问题描述
I have a table that has usernames, passwords, and a yes/no column for isadmin. 
我有一个包含用户名,密码和isadmin的yes / no列的表。
How do I make it so if they login with an account that has a check mark under "isadmin" they get access to design view, the ribbon, etc? 我如何做到这一点,如果他们使用在“ isadmin”下带有复选标记的帐户登录,则可以访问设计视图,功能区等? Though if they log in with an account that doesn't have a check mark under the isadmin box they only can view the forms, not edit them, and the ribbon is inaccessible? 尽管如果他们使用isadmin框下没有复选标记的帐户登录,他们只能查看表单,不能编辑表单,并且功能区无法访问?
I just don't know where to start, as I had assumed there was a way to save the database as a seperate copy that only users can view forms in, and if the admin runs his copy he gets all the changes to the tables (via the forms) the users made. 我只是不知道从哪里开始,因为我已经假设有一种方法可以将数据库另存为单独的副本,只有用户可以查看表单。如果管理员运行他的副本,他将获得表的所有更改(通过表格)用户所做的。 So when the admin edits a form, and saves it it doesn't remove all the user's data as when it was saved, it was saved to the admin's copy too. 因此,当管理员编辑表单并保存该表单时,它并不会像保存时一样删除所有用户数据,它也被保存到了管理员的副本中。 I'm really confused. 我真的很困惑
I am using Access 2013 我正在使用Access 2013
1 个解决方案
解决方案1
4 已采纳 2013-11-06 15:40:18
This is a simple solution for user level security being removed in newer releases of Access; 这是在新版本的Access中删除用户级别安全性的简单解决方案。 using a lot of VBA. 使用了大量的VBA。
STEP 1: Creating The Table 步骤1:建立表格
First, create a table. 首先,创建一个表。 I will name mine LogininfoT . 我将命名为LogininfoT 。 Now, for the columns inside of the table, name them EmployeeID , LoginID , LoginPassword , EmployeeName , and lastly IsAdmin . 现在,为表内的列,他们的名字EmployeeID , LoginID , LoginPassword , EmployeeName ,最后IsAdmin 。 Make EmployeeID your key, and IsAdmin a YES/NO field. 将EmployeeID作为您的密钥,并将IsAdmin作为是/否字段。
For testing, add two users to this table. 为了进行测试,请将两个用户添加到该表中。 With this information: 有了此信息:
EmployeeID LoginID LoginPassword EmployeeName IsAdmin
1 1111 1234 Bob [x]
2 2222 1234 Stewert [ ]
STEP 2: Creating The Forms 步骤2:建立表格
Now that we have the table made, let's design the form to use this set of data. 现在我们已经完成了表格的制作,让我们设计表单来使用这组数据。
I will name my form LoginF. 我将命名为LoginF。 Go into design view, and slap down a text box, a combo box, and a button. 进入设计视图,然后按下一个文本框,一个组合框和一个按钮。 For the combo box rename the text to say something like Login ID (you can change this to whatever fits your need) and for the text box, put the text as Password (once again, change this to whatever you want it doesn't effect the outcome). 对于组合框,将文本重命名为类似于“登录ID”(您可以将其更改为适合您的需要)的名称,对于文本框,将文本作为“密码”(再次,将其更改为您希望的任何内容都无效)结果)。 The text in the button can be whatever you want, I will be putting Login on it. 按钮中的文本可以是您想要的任何内容,我将在其上添加“登录名”。
Click the combo box and rename it. 单击组合框,然后将其重命名。 I will be naming it LoginCmBx. 我将其命名为LoginCmBx。 Next, click the text box and rename it, I will be naming it PasswordTxt. 接下来,单击文本框并重命名,我将其命名为PasswordTxt。 Lastly, click the button and rename it, I will be naming it LoginBtn. 最后,单击按钮并重命名,我将其命名为LoginBtn。
Click the combo box again and under the event tab, go into the After Update scripting. 再次单击组合框,然后在事件选项卡下,进入更新后脚本。 Use code and type this in: 使用代码并输入以下内容:
Private Sub LoginCmBx_AfterUpdate()
Me.PasswordTxt.SetFocus
End Sub
This makes it so after you select a username, it automatically puts the focus onto the password text box so you can start typing right away without using TAB on your keyboard, or using your mouse. 这样,在选择用户名后,它会自动将焦点放在密码文本框上,因此您无需使用键盘上的TAB或鼠标即可立即开始输入。
Next, go to the button and under the event tab, go into the On Click scripting. 接下来,转到按钮,然后在“事件”选项卡下,转到“单击时”脚本。 Use code and type this in: 使用代码并输入以下内容:
Private Sub LoginBtn_Click()
If IsNull(Me.LoginCmBx) Or Me.LoginCmBx = "" Then
MsgBox "You must enter a User Name.", vbOKOnly, "Required Data"
Me.LoginCmBx.SetFocus
Exit Sub
End If
If IsNull(Me.PasswordTxt) Or Me.PasswordTxt = "" Then
MsgBox "You must enter a Password.", vbOKOnly, "Required Data"
Me.PasswordTxt.SetFocus
Exit Sub
End If
If Me.PasswordTxt.Value = DLookup("LoginPassword", "LoginInfoT", _
"[EmployeeID]=" & Me.LoginCmBx.Value) Then
EmployeeID = Me.LoginCmBx.Value
On Error Resume Next
DoCmd.DeleteObject acQuery, "IsAdminQ"
On Error GoTo Err_LoginBtn_Click
Dim qdef As DAO.QueryDef
Set qdef = CurrentDb.CreateQueryDef("IsAdminQ", _
"SELECT IsAdmin " & _
"FROM LoginInfoT " & _
"WHERE EmployeeID = " & LoginCmBx.Value)
Exit_LoginBtn_Click:
DoCmd.Close acForm, "LoginF", acSaveNo
DoCmd.OpenForm "MenuF"
Exit Sub
Err_LoginBtn_Click:
MsgBox Err.Description
Resume Exit_LoginBtn_Click
Else
MsgBox "Password Invalid. Please Try Again", vbOKOnly, _
"Invalid Entry!"
Me.PasswordTxt.SetFocus
End If
End Sub
What this does is check if you selected a username, if not it spits out an error telling the user to select one. 这样做是检查您是否选择了用户名,否则,它会显示一条错误消息,提示用户选择一个用户名。 If you did, it checks if you entered a password. 如果这样做,它将检查您是否输入了密码。 If they didn't, it spits out another error saying they didn't enter a password. 如果没有输入密码,它将显示另一个错误,提示他们未输入密码。 If they selected both, and the password doesn't match the one in the table for the username you selected it spits out an error saying you got the password wrong. 如果他们都选择了两者,并且密码与您选择的用户名表中的密码不匹配,则会显示一条错误消息,提示您输入的密码错误。 If you got the password right to the username you selected, it logs you in. It will then close the current form you are on, and open up a new one named "MenuF" it will also create a query with that little bit of information under the username you selected, either if it's an admin or not.. We haven't created MenuF yet, so lets quickly do that. 如果您获得了所选用户名的密码,它将登录。然后,它将关闭您当前所在的表单,并打开一个新的名为“ MenuF”的表单,它还将创建包含少量信息的查询。在您选择的用户名下(无论是不是管理员)。.我们还没有创建MenuF,因此让我们快速进行操作。 We aren't done with LoginF just quite yet though, so be prepared to come back to that later! 不过,我们还没有完成LoginF的工作,因此请准备稍后再讨论!
Create the form, and put down a button. 创建表单,然后放下一个按钮。 Here is your menu form, you can create as many buttons as you want going to other forms or even just put a subform on here and have your entire database. 这是您的菜单表单,您可以根据需要创建任意数量的按钮以转到其他表单,甚至可以在此处放置一个子表单并拥有整个数据库。 Taht button you put down, you can name the text to whatever you want. 您按下的“泰铢”按钮可以将文本命名为任何您想要的名称。 I put mine as Log out. 我将我的帐户注销。 Name the button MenuLogOutBtn. 将按钮命名为MenuLogOutBtn。 Go into the event tab, and under the On Click scripting click code and type this in: 进入事件选项卡,然后在“单击脚本”下单击代码,然后在其中键入以下内容:
Private Sub MenuLogOutBtn_Click()
DoCmd.DeleteObject acQuery, "IsAdminQ"
DoCmd.OpenForm "LoginF"
DoCmd.Close acForm, "MenuF", acSaveNo
End Sub
What this does is delete the query the login button created, opens the login form again, and closes the menu. 这是删除登录按钮创建的查询,再次打开登录表单,然后关闭菜单。 Simple! 简单!
Now I need you to throw down a checkbox, and name it MyCheckbox. 现在,我需要您放弃一个复选框,并将其命名为MyCheckbox。 This box requires no special coding, or control sources. 此框不需要特殊的编码或控制源。 Though I do suggest changing visible as no, and deleting the text that comes along with it. 尽管我确实建议将visible更改为no,并删除其附带的文本。
Now, go to the form's event properties and under the Open scripting go to code and type this in: 现在,转到表单的事件属性,然后在“打开”脚本下转到代码并在以下命令中键入:
Private Sub Form_Open(Cancel As Integer)
Me.MyCheckbox.Value = GetLoginStateIsAdmin()
If GetLoginStateIsAdmin = True Then
Me.ShortcutMenu = True
DoCmd.ShowToolbar "Ribbon", acToolbarYes
DoCmd.ShowToolbar "Menu Bar", acToolbarYes
Application.SetOption "ShowWindowsinTaskbar", True
DoCmd.SelectObject acTable, , True
Else
Me.ShortcutMenu = False
DoCmd.ShowToolbar "Ribbon", acToolbarNo
DoCmd.ShowToolbar "Menu Bar", acToolbarNo
Application.SetOption "ShowWindowsinTaskbar", False
DoCmd.NavigateTo "acNavigationCategoryObjectType"
DoCmd.RunCommand acCmdWindowHide
End If
End Sub
What this does is checkbox's information which is attached to query's IsAdmin column and give GetLoginStateIsAdmin that boolean variable. 这样做是其连接到查询的复选框的信息IsAdmin列,并给GetLoginStateIsAdmin那布尔变量。 After it does that, it starts a simple If statement that turns off menu bars and disabled right click if you aren't an admin; 完成此操作后,它将启动一个简单的If语句,以关闭菜单栏并禁用右键菜单(如果您不是管理员); if you are, it allows you do right click and all menu bars are visible. 如果是这样,则允许您右键单击并且所有菜单栏都可见。
Though if you didn't notice yet, our checkbox doesn't get the information from the query yet! 虽然,如果您尚未注意到,我们的复选框仍无法从查询中获取信息! Oh no! 不好了!
STEP 3: Creating The Public Modules 步骤3:创建公共模块
If you were on your toes, you would notice even the login code wouldn't work at this point. 如果您不知所措,那么此时您会发现甚至登录代码也无效。 First, we need some public modules. 首先,我们需要一些公共模块。 Go to the Create tab in the ribbon, and create a module. 转到功能区中的“创建”选项卡,然后创建一个模块。 Type this in: 输入以下内容:
Public EmployeeID As Long
Save this module as LoginModule.
Create another module, and type this in:
Function GetLoginStateIsAdmin()
'
Dim rst As DAO.Recordset
Set rst = CurrentDb.OpenRecordset("IsAdminQ")
GetLoginStateIsAdmin = Nz(rst(0), False)
Set rst = Nothing
'
End Function
Save this one as GetAdmin.
Lets create one more module; so the user opening the database can't by bass stuff by using the shift key to launch it.
Type this in it:
Function ap_DisableShift()
'This function disable the shift at startup. This action causes
'the Autoexec macro and Startup properties to always be executed.
On Error GoTo errDisableShift
Dim db As DAO.Database
Dim prop As DAO.Property
Const conPropNotFound = 3270
Set db = CurrentDb()
'This next line disables the shift key on startup.
db.Properties("AllowByPassKey") = False
'The function is successful.
Exit Function
errDisableShift:
'The first part of this error routine creates the "AllowByPassKey
'property if it does not exist.
If Err = conPropNotFound Then
Set prop = db.CreateProperty("AllowByPassKey", _
dbBoolean, False)
db.Properties.Append prop
Resume Next
Else
MsgBox "Function 'ap_DisableShift' did not complete successfully."
Exit Function
End If
End Function
Save that as ShiftModule. 将其另存为ShiftModule。
We are done the modules! 我们完成了模块! Lets go back to the LoginF now. 现在让我们回到LoginF。
STEP 4: Finishing Up LoginF 步骤4:完成LoginF
Go to the form's event tab, and click the on load scripting. 转到表单的事件选项卡,然后单击加载脚本。 Click code, then type this in: 单击代码,然后在其中输入:
Private Sub Form_Load()
On Error Resume Next
DoCmd.DeleteObject acQuery, "CustomerMoreInfoQ"
End Sub
What this does is make sure that the query the login button creates is deleted when this form starts up, just in case the user closes the database without logging out. 这样做是为了确保在启动此表单时删除登录按钮创建的查询,以防万一用户关闭数据库而不注销。 So if you click login, it won't cause errors because the query isn't still there. 因此,如果您单击登录,则不会导致错误,因为查询仍不存在。
STEP 5: Testing It Out. 步骤5:进行测试。
Run the form LoginF in form view, and select Bob as the username. 在窗体视图中运行窗体LoginF,然后选择Bob作为用户名。 Type in the password 1234 into the password text box, and click login. 在密码文本框中输入密码1234,然后单击“登录”。 It should open up the MenuF and you see all menus and you can right click. 它应该打开MenuF,您会看到所有菜单,并且可以右键单击。 Good. 好。 Now, log out and login with Stewert, using the same password. 现在,注销并使用相同的密码登录Stewert。 Now you see all the menus remove themselves, and you can't right click! 现在,您会看到所有菜单都已删除,您无法右键单击! Yay! 好极了!
For extra security, in the LoginF's Other tab, make sure Shortcut Menu is set to No. This will set right click to be disabled always; 为了提高安全性,请在LoginF的“其他”选项卡中,确保将“快捷菜单”设置为“否”。 as you aren't logged in as a user at this point. 因为您目前尚未以用户身份登录。 It doesn't know if you are an admin or not. 它不知道您是否是管理员。
STEP 6: Disabling The Toolbars On Start Up & launching LoginF On Start Up. 步骤6:在启动时禁用工具栏,并在启动时启动LoginF。
Go to File > Options > Current Database. 转到文件>选项>当前数据库。
Under Display Form, select FormF. 在“显示表单”下,选择“ FormF”。 Under the Navigation section, unclick Display Navigation Pane. 在“导航”部分下,取消单击“显示导航窗格”。
Click okay, then go back to LoginF; 单击确定,然后返回LoginF; go into the On Load code and add this just before the End Sub: 进入“加载”代码,并将其添加到“结束子代码”之前:
DoCmd.ShowToolbar "Ribbon", acToolbarNo
You are done! 大功告成! Save your database, then close it and open it again. 保存数据库,然后关闭它并再次打开它。 It should load the LoginF form where you can't right click, there are no menus etc. The only way to get the menus to edit things is to log into an admin account! 它应该在无法右键单击,没有菜单等的地方加载LoginF表单。获取菜单以编辑内容的唯一方法是登录到管理员帐户!
Step 7: Expanding 步骤7:展开
This doesn't automatically expand the more you add forms though. 但是,这不会自动扩展更多添加的表单。 You need to add that checkbox named MyCheckbox (I suggest copy + pasting it) to each form you add, and add this code to each form you add: 您需要将名为MyCheckbox的复选框(建议复制并粘贴)添加到所添加的每个表单中,并将此代码添加到所添加的每个表单中:
Private Sub Form_Open(Cancel As Integer)
Me.MyCheckbox.Value = GetLoginStateIsAdmin()
If GetLoginStateIsAdmin = True Then
Me.ShortcutMenu = True
Else
Me.ShortcutMenu = False
End If
End Sub
Though once you do that to every form, the security works and you need to log in to an admin account to change anything. 尽管对每种表单都执行了此操作,但是安全性仍然有效,并且您需要登录到管理员帐户才能更改任何内容。 If you are just a user, you can use the form normally (click buttons, edit data on subforms, etc) You can't edit the form it self though. 如果您只是用户,则可以正常使用表单(单击按钮,编辑子表单上的数据等),但是您无法自行编辑表单。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.