Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
ValterBorges
Master Smack Fu Yak Hacker
1429 Posts |
 Posted - 2003-01-20 : 14:16:24
|
| Has anyone been successful in denying permissions to the base table and updating an access adp from through a stored procedure with execute privilages? |
|
|
ValterBorges
Master Smack Fu Yak Hacker
1429 Posts |
Posted - 2003-01-21 : 23:56:22
|
| Here is what I found for anyone interested.By using forms and subforms I've been able to avoid stored procedures that need the unique table variable set. Dynamically assign the following to Recordsource or Rowsource on an event:"EXEC dbo.MySP" & MyParamBy using the row source of combo boxes and binding it to the control source i've been able to deny permissions to most tables and allow access only through sp's.Behaves just like access mdb no need to write update and delete sp's just select sp's.Next created an ade and removed all ability to get at the base tables.Still leaves the ability to create your own adp and have access to some base tables if you know what you're doing.I guess I can try to have a trigger with an encrypted default field value and the trigger can check if that encrypted value is ok for insert and update and for delete I can look at checking to see if the data being deleted belongs to the user trying to delete.or having a good audit trail and being ready to restore if an intruder get's at some of the base tables.Any suggestions?Edited by - ValterBorges on 01/21/2003 23:57:01Edited by - ValterBorges on 01/21/2003 23:59:25 |
 |
|
|
|
|
|
ADP and Forms