Checking Permissions for Objects

You can retrieve the permissions for a particular user or group on a particular object with the ADOX GetPermissions method. Because this method returns a numeric permission value for the specified object, if you want to display the names of constants representing permissions, you must write more code to decipher the returned value. The procedure in Hands-On 17-13 demonstrates how to retrieve the permissions set for the PowerUser on the Customers table in a sample database.

©Hands-On 17-13: Checking Permissions for a Specific Object

1. Insert a new module and, in the module's Code window, enter the GetObjectPermissions procedure as shown below.

Sub GetObjectPermissions(strUserName As String, _ varObjName As Variant, _ lngObjType As ADOX.ObjectTypeEnum)

Dim conn As ADODB.Connection Dim cat As ADOX.Catalog Dim strDB As String Dim strSysDb As String Dim listPerms As Long Dim strPermsTypes As String

Creating and Manipulating Databases with ADO

On Error GoTo ErrorHandle strDB = "C:\BookProject\SpecialDb.mdb" strSysDb = "C:\BookProject\Security.mdw"

' Open connection to the database using ' the specified system database Set conn = New ADODB.Connection With conn

.Provider = "Microsoft.Jet.OLEDB.4.0" .Properties("Jet OLEDB:System Database") = strSysDb .Properties("User ID") = "Developer" .Properties("Password") = "chapter17" .Open strDB End With

' Open the catalog Set cat = New ADOX.Catalog cat.ActiveConnection = conn ' add a user account cat.Users.Append "PowerUser", "star"

listPerms = cat.Users(strUserName) _

.GetPermissions(varObjName, lngObjType) Debug.Print listPerms

If (listPerms And ADOX.RightsEnum.adRightCreate) = adRightCreate Then strPermsTypes = strPermsTypes & "adRightCreate" & vbCr End If

If (listPerms And RightsEnum.adRightRead) = adRightRead Then strPermsTypes = strPermsTypes & "adRightRead" & vbCr End If

If (listPerms And RightsEnum.adRightUpdate) = adRightUpdate Then strPermsTypes = strPermsTypes & "adRightUpdate" & vbCr End If

If (listPerms And RightsEnum.adRightDelete) = adRightDelete Then strPermsTypes = strPermsTypes & "adRightDelete" & vbCr End If

If (listPerms And RightsEnum.adRightInsert) = adRightInsert Then strPermsTypes = strPermsTypes & "adRightInsert" & vbCr End If

If (listPerms And RightsEnum.adRightReadDesign) = adRightReadDesign Then strPermsTypes = strPermsTypes & "adRightReadDesign" & vbCr End If

Debug.Print strPermsTypes

MsgBox "Permissions are listed in the Immediate window." ExitHere:

Set cat = Nothing conn.Close Set conn = Nothing Exit Sub ErrorHandle:

If Err.Number = -2147467259 Then

' because PowerUser user already exists ' we ignore this statement

Part II

Resume Next

Else

MsgBox Err.Description Resume ExitHere End If End Sub

2. To run the GetObjectPermissions procedure shown above, enter the following statement in the Immediate window and press Enter to execute it:

GetObjectPermissions "PowerUser", "Customers", adPermObjTable

Figure 17-22: The procedure in Hands-On 17-13 writes the permissions found for PowerUser to the Customers table to the Immediate window.

GetObjectPermissions "PowerUser", "Customers", adPermObjTable

0 0

Post a comment