Permission Rights

Hi All, I have a question regarding security. One of our clients wants to have separated permission rights for some users. One group has only read permission for a particular table and other group has all the rights. Basically you can do that by set up a role and enter all the tables EXCEPT that particular table and create a special roles for that particular table so that you can attache that to the users. But I would like to keep that handy ‘0’ to have rights for all the tables and use the permission property on the form. But I have the feeling that this permission property field on a form has only an additional purpose to the permission rights. It doesn’t allow you to setup a complete permission setup for that form. My question is: how can I achieve my goal? All suggestions are welcome. Thanks in advance, Roelof.

Hi, I can be wrong but I think only “Execute” permitions applied to the forms. It means the user can or cannot run form. The Modify and Read applied only on TableData level. Valentin Gvozdev BMI Inc.

I would recommend not going with the method you mentioned. Even if it would work, it would require modification to the every form in question. Plus, the table level security insures that nothing is missed (navigate, lookups, etc). To save time, once you have a user from one group setup and a you need to add security to a user in the same group, you can copy & paste the Groups/Permissions. Bill Benefiel Manager of Information Systems Overhead Door Company (317) 842-7444 ext 117

Thanks for the suggestions. The problem what I have is that I want to exclude certain users from modifying a table (just ‘read’ permission rights), while other users should have all the rights.

Let me rephrase this: I created a special form with certain rights, using the permission property on this form. When I try to run this form it keeps telling me that I dont have the rights to run certain tables for this form, although I setup the permission rights for it on the form.

Setting the permission property of a form for certain tables does not by itself give a user access to those tables. The user must still be assigned a role that grants permission to those tables. Typically the role provides for indirect access - meaning that the user may not access the table directly but only through another object (e.g. form) that grants permission to the table.

Roelof, The rights that you set up on the form level DO NOT grant rights to the user, UNLESS the user has “Indirect” rights of the same type. It seems that you may also consider Form-properties - ModifyAllowed, InsertAllowed, Editable. Alex

Thanks for all the replies. It really helped me out.