John W. Colby
jcolby at colbyconsulting.com
Sun Dec 21 18:30:11 CST 2003
Folks, I am working on my Light Weight Security system and am looking for beta testers, i.e. people who would like a presentation level security system such as I am designing. This email will briefly outline how things work so that you can decide whether you would like to test it. I am looking for PROGRAMMERS as beta testers. LWS is designed to restrict basic operations on forms and controls. The form operations / properties that it will affect are Open form, Edit record, Delete record and Add record. The control properties affected are Enabled, Locked, and Visible. LWS is NOT designed to replace Access' (or SQL Server's) security. LWS is designed to allow the developer to restrict operations at the INTERFACE level, i.e. who can open forms, who can edit records in a given form, who can SEE a given control on a given form, who can EDIT data in a given control on a given form. These are fundamentally different issues than the built in DATA security that Access and SQL Server provide. I designed LWS because my clients asked for things like "only allow certain users to be able to see (or use) this control" or "only allow certain users to be able to open this form" etc. As an example, suppose you have a form that is used by several different groups of people in the company. One group can only use the form to browse data, never edit or delete the data. One group is allowed to open the form and edit records, but never delete records. Another group can also delete records. Another group is allowed to edit most of the data but several of the fields should be read only, i.e. that group cannot edit those fields. Another form displays sensitive data that only the Personnel group can see (and edit) the salary field for. Other groups can see the form but the salary field is just invisible. All of these kinds of issues are what LWS is designed to address. LWS is designed around a Users / Groups metaphor similar to Windows NT/2K/XP etc. Users exist but don't directly have any innate abilities. Users belong to Groups. Groups can do things. Forms and controls can be manipulated by groups. Groups can open (or not) forms, edit / delete (or not) records in a given form. Groups can see / enter / edit (or not) specific controls on forms. All of these things that groups can do are simply manipulations of the built in properties of the forms or controls. Open (not a property but controlled by LWS), AllowEdit, AllowDelete, AllowAdd etc can be masked by LWS as the form opens such that specific groups can control these properties while others cannot. Control properties Visible, Enabled and Locked are controlled in the same manner. There are a set of tables that support the LWS system: uSysLWSUsers contains user information - Name, PEID (mapped to your Personnel ID if you desire) and password hash (MD5). usystblLWSGroup contains group information - Name and the 2^x bit that is used for mapping it's abilities later. usystblLWSGroupUser contains mappings of users to groups. A simple m-m uSysLWSUsers and usystblLWSGroup. MsysForms contains form security information - Form ID, Form name, Open, Edit, Add and Delete maps. MsysControls contains control security information - Form ID, Control name, Enabled, Locked and Visible maps There are a handful of forms to support LWS: usysfrmLWSLogin - The login form. usysfrmLWSUsers - The form for setting up users. usysfrmLWSGroups - The form for setting up groups. usysfrmLWSSetupFrmSecurity - The form that assists the developer in setting up form security LWS is NOT finished, but all of the basic tables are in place, I am using the login in my apps, and the code to implement LWS security for forms and controls is up and functioning. LWS will be a library (MDA for now) with full source code available to beta testers. Please remember, I am looking for "code jocks" for now. You should be comfortable instantiating classes, calling class methods and setting class properties, manipulating form and control attributes via VB etc. I REALLY need people with the time to play with this thing, tell me what they like or don't like, what I haven't considered etc. I think this should give enough information to allow you to decide whether you are interested. If you are interested, please contact me OFF LIST at LWS at colbyconsulting.com. John W. Colby www.ColbyConsulting.com