I have a table that has usernames, passwords, and a yes/no column for isadmin.
How do I make it so if they login with an account that has a check mark under "isadmin" they get access to design view, the ribbon, etc? Though if they log in with an account that doesn't have a check mark under the isadmin box they only can view the forms, not edit them, and the ribbon is inaccessible?
I just don't know where to start, as I had assumed there was a way to save the database as a seperate copy that only users can view forms in, and if the admin runs his copy he gets all the changes to the tables (via the forms) the users made. So when the admin edits a form, and saves it it doesn't remove all the user's data as when it was saved, it was saved to the admin's copy too. I'm really confused.
I am using Access 2013
This is a simple solution for user level security being removed in newer releases of Access; using a lot of VBA.
First, create a table. I will name mine
LogininfoT. Now, for the columns inside of the table, name them
EmployeeName, and lastly
IsAdmin. Make EmployeeID your key, and IsAdmin a YES/NO field.
For testing, add two users to this table. With this information:
EmployeeID LoginID LoginPassword EmployeeName IsAdmin 1 1111 1234 Bob [x] 2 2222 1234 Stewert [ ]
Now that we have the table made, let's design the form to use this set of data.
I will name my form LoginF. Go into design view, and slap down a text box, a combo box, and a button. For the combo box rename the text to say something like Login ID (you can change this to whatever fits your need) and for the text box, put the text as Password (once again, change this to whatever you want it doesn't effect the outcome). The text in the button can be whatever you want, I will be putting Login on it.
Click the combo box and rename it. I will be naming it LoginCmBx. Next, click the text box and rename it, I will be naming it PasswordTxt. Lastly, click the button and rename it, I will be naming it LoginBtn.
Click the combo box again and under the event tab, go into the After Update scripting. Use code and type this in:
Private Sub LoginCmBx_AfterUpdate() Me.PasswordTxt.SetFocus End Sub
This makes it so after you select a username, it automatically puts the focus onto the password text box so you can start typing right away without using TAB on your keyboard, or using your mouse.
Next, go to the button and under the event tab, go into the On Click scripting. Use code and type this in:
Private Sub LoginBtn_Click() If IsNull(Me.LoginCmBx) Or Me.LoginCmBx = "" Then MsgBox "You must enter a User Name.", vbOKOnly, "Required Data" Me.LoginCmBx.SetFocus Exit Sub End If If IsNull(Me.PasswordTxt) Or Me.PasswordTxt = "" Then MsgBox "You must enter a Password.", vbOKOnly, "Required Data" Me.PasswordTxt.SetFocus Exit Sub End If If Me.PasswordTxt.Value = DLookup("LoginPassword", "LoginInfoT", _ "[EmployeeID]=" & Me.LoginCmBx.Value) Then EmployeeID = Me.LoginCmBx.Value On Error Resume Next DoCmd.DeleteObject acQuery, "IsAdminQ" On Error GoTo Err_LoginBtn_Click Dim qdef As DAO.QueryDef Set qdef = CurrentDb.CreateQueryDef("IsAdminQ", _ "SELECT IsAdmin " & _ "FROM LoginInfoT " & _ "WHERE EmployeeID = " & LoginCmBx.Value) Exit_LoginBtn_Click: DoCmd.Close acForm, "LoginF", acSaveNo DoCmd.OpenForm "MenuF" Exit Sub Err_LoginBtn_Click: MsgBox Err.Description Resume Exit_LoginBtn_Click Else MsgBox "Password Invalid. Please Try Again", vbOKOnly, _ "Invalid Entry!" Me.PasswordTxt.SetFocus End If End Sub
What this does is check if you selected a username, if not it spits out an error telling the user to select one. If you did, it checks if you entered a password. If they didn't, it spits out another error saying they didn't enter a password. If they selected both, and the password doesn't match the one in the table for the username you selected it spits out an error saying you got the password wrong. If you got the password right to the username you selected, it logs you in. It will then close the current form you are on, and open up a new one named "MenuF" it will also create a query with that little bit of information under the username you selected, either if it's an admin or not.. We haven't created MenuF yet, so lets quickly do that. We aren't done with LoginF just quite yet though, so be prepared to come back to that later!
Create the form, and put down a button. Here is your menu form, you can create as many buttons as you want going to other forms or even just put a subform on here and have your entire database. Taht button you put down, you can name the text to whatever you want. I put mine as Log out. Name the button MenuLogOutBtn. Go into the event tab, and under the On Click scripting click code and type this in:
Private Sub MenuLogOutBtn_Click() DoCmd.DeleteObject acQuery, "IsAdminQ" DoCmd.OpenForm "LoginF" DoCmd.Close acForm, "MenuF", acSaveNo End Sub
What this does is delete the query the login button created, opens the login form again, and closes the menu. Simple!
Now I need you to throw down a checkbox, and name it MyCheckbox. This box requires no special coding, or control sources. Though I do suggest changing visible as no, and deleting the text that comes along with it.
Now, go to the form's event properties and under the Open scripting go to code and type this in:
Private Sub Form_Open(Cancel As Integer) Me.MyCheckbox.Value = GetLoginStateIsAdmin() If GetLoginStateIsAdmin = True Then Me.ShortcutMenu = True DoCmd.ShowToolbar "Ribbon", acToolbarYes DoCmd.ShowToolbar "Menu Bar", acToolbarYes Application.SetOption "ShowWindowsinTaskbar", True DoCmd.SelectObject acTable, , True Else Me.ShortcutMenu = False DoCmd.ShowToolbar "Ribbon", acToolbarNo DoCmd.ShowToolbar "Menu Bar", acToolbarNo Application.SetOption "ShowWindowsinTaskbar", False DoCmd.NavigateTo "acNavigationCategoryObjectType" DoCmd.RunCommand acCmdWindowHide End If End Sub
What this does is checkbox's information which is attached to query's
IsAdmin column and give
GetLoginStateIsAdmin that boolean variable. After it does that, it starts a simple If statement that turns off menu bars and disabled right click if you aren't an admin; if you are, it allows you do right click and all menu bars are visible.
Though if you didn't notice yet, our checkbox doesn't get the information from the query yet! Oh no!
If you were on your toes, you would notice even the login code wouldn't work at this point. First, we need some public modules. Go to the Create tab in the ribbon, and create a module. Type this in:
Public EmployeeID As Long Save this module as LoginModule. Create another module, and type this in: Function GetLoginStateIsAdmin() ' Dim rst As DAO.Recordset Set rst = CurrentDb.OpenRecordset("IsAdminQ") GetLoginStateIsAdmin = Nz(rst(0), False) Set rst = Nothing ' End Function Save this one as GetAdmin. Lets create one more module; so the user opening the database can't by bass stuff by using the shift key to launch it. Type this in it: Function ap_DisableShift() 'This function disable the shift at startup. This action causes 'the Autoexec macro and Startup properties to always be executed. On Error GoTo errDisableShift Dim db As DAO.Database Dim prop As DAO.Property Const conPropNotFound = 3270 Set db = CurrentDb() 'This next line disables the shift key on startup. db.Properties("AllowByPassKey") = False 'The function is successful. Exit Function errDisableShift: 'The first part of this error routine creates the "AllowByPassKey 'property if it does not exist. If Err = conPropNotFound Then Set prop = db.CreateProperty("AllowByPassKey", _ dbBoolean, False) db.Properties.Append prop Resume Next Else MsgBox "Function 'ap_DisableShift' did not complete successfully." Exit Function End If End Function
Save that as ShiftModule.
We are done the modules! Lets go back to the LoginF now.
Go to the form's event tab, and click the on load scripting. Click code, then type this in:
Private Sub Form_Load() On Error Resume Next DoCmd.DeleteObject acQuery, "CustomerMoreInfoQ" End Sub
What this does is make sure that the query the login button creates is deleted when this form starts up, just in case the user closes the database without logging out. So if you click login, it won't cause errors because the query isn't still there.
Run the form LoginF in form view, and select Bob as the username. Type in the password 1234 into the password text box, and click login. It should open up the MenuF and you see all menus and you can right click. Good. Now, log out and login with Stewert, using the same password. Now you see all the menus remove themselves, and you can't right click! Yay!
For extra security, in the LoginF's Other tab, make sure Shortcut Menu is set to No. This will set right click to be disabled always; as you aren't logged in as a user at this point. It doesn't know if you are an admin or not.
Go to File > Options > Current Database.
Under Display Form, select FormF. Under the Navigation section, unclick Display Navigation Pane.
Click okay, then go back to LoginF; go into the On Load code and add this just before the End Sub:
DoCmd.ShowToolbar "Ribbon", acToolbarNo
You are done! Save your database, then close it and open it again. It should load the LoginF form where you can't right click, there are no menus etc. The only way to get the menus to edit things is to log into an admin account!
This doesn't automatically expand the more you add forms though. You need to add that checkbox named MyCheckbox (I suggest copy + pasting it) to each form you add, and add this code to each form you add:
Private Sub Form_Open(Cancel As Integer) Me.MyCheckbox.Value = GetLoginStateIsAdmin() If GetLoginStateIsAdmin = True Then Me.ShortcutMenu = True Else Me.ShortcutMenu = False End If End Sub
Though once you do that to every form, the security works and you need to log in to an admin account to change anything. If you are just a user, you can use the form normally (click buttons, edit data on subforms, etc) You can't edit the form it self though.