All DAO access to users, groups, and permissions occurs through the Container and Document objects. DAO uses the Containers and Documents collections to expose the objects in a database to the database’s host, whether that host is an application using DAO code or an application such as Microsoft Access. The Containers and Documents collections differ from other collections and objects in that they allow Microsoft Jet to store and manage objects that are created by the database’s host application. For example, in a Microsoft Jet database created by Microsoft Access, there are Document objects to store Microsoft Access forms and reports. Even though Microsoft Access forms and reports aren’t native Microsoft Jet objects, the Containers and Documents collections allow Microsoft Jet to store these objects and maintain security on them. By locating programmatic security access at the Containers and Documents level, Microsoft Jet extends its security services to any application that requires it.
See Also You may find it useful to review the overview of the DAO object hierarchy in Chapter 2, “Introducing Data Access Objects.”
All Microsoft Jet databases contain at least three containers:
Microsoft Jet defines a set of permissions for the three containers it supports directly. Permissions for other containers must be defined by the application that defines the permissions. Only then can Microsoft Jet maintain security on these foreign objects. For example, Microsoft Access defines a set of permissions for Form objects that Microsoft Access stores in the Forms container it adds to the database. You can use the Object Browser in Microsoft Access to see these permissions constants, or you can read about them in Microsoft Access Help. The security constants for Microsoft Access objects begin with the prefix “acSec.”