| Subject | Handling user permissions |
|---|---|
| Author | mirco@intellitec.de |
| Post date | 2001-11-21T08:54:50Z |
I am writing an application that provides access for different kinds
of users. Accordingly, I have set up different users with different
permissions in the database.
Running my Delphi application based on IBO now causes a problem if
the user does not have insert/update rights on a table.
As the customer would like to maintain the users and rights on his
own, the user interface needs to somehow detect whats the currently
logged in user is allowed to do.
Suppose the user opens a window with to display and edit the result
of a query. If the user has write permissions to the table, the query
should be read/write, if not, read-only.
I tried to setup a query with appropriate update/insert/delete
statements and (as expected) it works for a user with all
permissions.
For the read-only user however, opening the query fails, because IBO
tries a prepare for the update/insert/delete which does not work.
Is there a way to properly handle this? What I would like to do is
tell IBO to ignore the update/insert/del statements if they fail to
prepare. Currently, the error is catched by the database connection's
error method, which displays a message box.
Thank you for any suggestions
Mirco
of users. Accordingly, I have set up different users with different
permissions in the database.
Running my Delphi application based on IBO now causes a problem if
the user does not have insert/update rights on a table.
As the customer would like to maintain the users and rights on his
own, the user interface needs to somehow detect whats the currently
logged in user is allowed to do.
Suppose the user opens a window with to display and edit the result
of a query. If the user has write permissions to the table, the query
should be read/write, if not, read-only.
I tried to setup a query with appropriate update/insert/delete
statements and (as expected) it works for a user with all
permissions.
For the read-only user however, opening the query fails, because IBO
tries a prepare for the update/insert/delete which does not work.
Is there a way to properly handle this? What I would like to do is
tell IBO to ignore the update/insert/del statements if they fail to
prepare. Currently, the error is catched by the database connection's
error method, which displays a message box.
Thank you for any suggestions
Mirco