[AccessD] LWS Beta testers

John Bartow john at winhaven.net
Mon Jan 26 10:00:19 CST 2004 

John,
When can I get LWS?

John B.

> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of John W. Colby
> Sent: Sunday, December 21, 2003 6:30 PM
> To: AccessD
> Subject: [AccessD] LWS Beta testers
>
>
> Folks,
>
> I am working on my Light Weight Security system and am looking for beta
> testers, i.e. people who would like a presentation level security system
> such as I am designing.  This email will briefly outline how
> things work so
> that you can decide whether you would like to test it.  I am looking for
> PROGRAMMERS as beta testers.
>
> LWS is designed to restrict basic operations on forms and controls.  The
> form operations / properties that it will affect are Open form,
> Edit record,
> Delete record and Add record.  The control properties affected
> are Enabled,
> Locked, and Visible.
>
> LWS is NOT designed to replace Access' (or SQL Server's) security.  LWS is
> designed to allow the developer to restrict operations at the INTERFACE
> level, i.e. who can open forms, who can edit records in a given form, who
> can SEE a given control on a given form, who can EDIT data in a given
> control on a given form.  These are fundamentally different
> issues than the
> built in DATA security that Access and SQL Server provide.  I designed LWS
> because my clients asked for things like "only allow certain users to be
> able to see (or use) this control" or "only allow certain users to be able
> to open this form" etc.
>
> As an example, suppose you have a form that is used by several different
> groups of people in the company.  One group can only use the form
> to browse
> data, never edit or delete the data.  One group is allowed to
> open the form
> and edit records, but never delete records.  Another group can also delete
> records.  Another group is allowed to edit most of the data but several of
> the fields should be read only, i.e. that group cannot edit those fields.
> Another form displays sensitive data that only the Personnel group can see
> (and edit) the salary field for.  Other groups can see the form but the
> salary field is just invisible.
>
> All of these kinds of issues are what LWS is designed to address.
>
> LWS is designed around a Users / Groups metaphor similar to
> Windows NT/2K/XP
> etc.  Users exist but don't directly have any innate abilities.  Users
> belong to Groups.  Groups can do things.
>
> Forms and controls can be manipulated by groups.  Groups can open (or not)
> forms, edit / delete (or not) records in a given form.  Groups can see /
> enter / edit (or not) specific controls on forms.  All of these
> things that
> groups can do are simply manipulations of the built in properties of the
> forms or controls.  Open (not a property but controlled by LWS),
> AllowEdit,
> AllowDelete, AllowAdd etc can be masked by LWS as the form opens such that
> specific groups can control these properties while others cannot.  Control
> properties Visible, Enabled and Locked are controlled in the same manner.
>
> There are a set of tables that support the LWS system:
>
> uSysLWSUsers contains user information - Name, PEID (mapped to your
> Personnel ID if you desire) and password hash (MD5).
> usystblLWSGroup contains group information - Name and the 2^x bit that is
> used for mapping it's abilities later.
> usystblLWSGroupUser contains mappings of users to groups.  A simple m-m
> uSysLWSUsers and usystblLWSGroup.
> MsysForms contains form security information - Form ID, Form name, Open,
> Edit, Add and Delete maps.
> MsysControls contains control security information - Form ID,
> Control name,
> Enabled, Locked and Visible maps
>
> There are a handful of forms to support LWS:
>
> usysfrmLWSLogin - The login form.
> usysfrmLWSUsers - The form for setting up users.
> usysfrmLWSGroups - The form for setting up groups.
> usysfrmLWSSetupFrmSecurity - The form that assists the developer
> in setting
> up form security
>
> LWS is NOT finished, but all of the basic tables are in place, I am using
> the login in my apps, and the code to implement LWS security for forms and
> controls is up and functioning.
>
> LWS will be a library (MDA for now) with full source code
> available to beta
> testers.  Please remember, I am looking for "code jocks" for now.    You
> should be comfortable instantiating classes, calling class methods and
> setting class properties, manipulating form and control attributes via VB
> etc.
>
> I REALLY need people with the time to play with this thing, tell me what
> they like or don't like, what I haven't considered etc.
>
> I think this should give enough information to allow you to decide whether
> you are interested.  If you are interested, please contact me OFF LIST at
> LWS at colbyconsulting.com.
>
> John W. Colby
> www.ColbyConsulting.com
>
>
> _______________________________________________
> AccessD mailing list
> AccessD at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/accessd
> Website: http://www.databaseadvisors.com
>
>

More information about the AccessD mailing list