| Author |
 Topic  |
|
|
janus006
Starting Member
United Kingdom
4 Posts |
 Posted - 05/16/2010 : 07:14:43
|
I'm new to this wonderful forum.
I'm developping a VB6.0 application that accesses data of sql server2000. I made a successful linking with recordset and so on, I use sql queries through VB6.0 with no problem.
Now I got 5 users for the application, the boss and the 4 crew members.
I want the boss, to see and do everything he wants.
a crew can see only his data, not his fellow's data unless he is authorized by the boss(prior) or by the meant fellow.
I think about creating a users table, and link users' table to all the tables and add 'and where user= joe' whenever I want data for joe.
but I want to see if isn't there any other elegant solution, within sql server and using standard sql server users that are in the data bases.
please help me
thanks in advance
says the newbie
says the newbie |
|
|
visakh16
Very Important crosS Applying yaK Herder
India
47023 Posts |
Posted - 05/16/2010 : 08:12:37
|
seems like what you need is to create a security model in sql server db. add table for user,usergroups and add a access table which maps to usergroups. then based on access display relevant items in your webpage. you could add a approval table also with member info to indicate who all can do approval for a particular access
------------------------------------------------------------------------------------------------------
SQL Server MVP
http://visakhm.blogspot.com/
|
 |
|
|
janus006
Starting Member
United Kingdom
4 Posts |
Posted - 05/16/2010 : 08:22:18
|
thanks a lot for you reply visakh16.
the crew members use windows authentication. isn't there a way to use it instead of creating a users' table within sql server? plus, I created a standard VB application with standard sql queries in it. can't sql server manage to give each user only what he's allowed to see even with using general query ("select * from X_table;" and here depending on th windows user sql shows data allowed)?
thanks for your help, I highly appreciate.
says the newbie |
|
|
|
visakh16
Very Important crosS Applying yaK Herder
India
47023 Posts |
Posted - 05/16/2010 : 08:25:46
|
so you mean you've created different groups in windows itself?
------------------------------------------------------------------------------------------------------
SQL Server MVP
http://visakhm.blogspot.com/
|
|
|
|
janus006
Starting Member
United Kingdom
4 Posts |
Posted - 05/16/2010 : 08:36:57
|
no, not group, just users. windows users who have access to the server with their windows login and password.
I know that this very same authentication is used in sql server 2000. all I want now is to implement a row level restriction on those users. so as, as they access windows, sql server identify them and gives them access only to some rows, no matter how general their query are.
says the newbie |
|
|
| |
Topic |
|
need help
