In general, you shouldn’t check for a specific permission with the equal sign (=) as in the following line:
If (doc.Permissions = dbSecRetrieveData) Then
Rarely does a user have only one permission set. If the user had any other permission set (besides the dbSecRetrieveData permission constant), this example would fail. To check for a specific permission, use And with that permission’s value and the object’s Permission property, and check for a resulting value greater than 0. If it is, the user has the specified permission. The following example shows how to do this. In this example, strDbPath is the path to the database, strUser is the name of a user or group, and strDocument is the name of the Document object.
Sub CheckReadPerms(strDbPath As String, strUser As String, _
strDocument As String)
Dim dbs As Database
Dim doc As Document
Set dbs = OpenDatabase(strDbPath)
Set doc = dbs.Containers("Tables").Documents(strDocument)
' Specify user or group name.
doc.UserName = strUser
' Use And operator to compare permissions.
If (doc.Permissions And dbSecRetrieveData) > 0 Then
Debug.Print strUser & " has read permissions for " _
& strDocument & "."
Else
Debug.Print strUser & " does not have read permissions " _
& "for " & strDocument & "."
End If
End Sub
You should also note that this example checks only for explicit permissions: those assigned to that user for that object. It does not take into account any implicit permissions that exist through group membership. The following example is more thorough in that it uses the AllPermissions property to take into account the user’s group permissions. In this example, strDbPath is the path to the database, strUser is the name of a user or group, and strDocument is the name of the Document object:
Sub CheckAllReadPerms(strDbPath As String, strUser As String, _
strDocument As String)
Dim dbs As Database, doc As Document
Set dbs = OpenDatabase(strDbPath)
Set doc = dbs.Containers("Tables").Documents(strDocument)
' Specify name of user or group.
doc.UserName = strUser
' Check all permissions for user on document.
If (doc.AllPermissions And dbSecRetrieveData) > 0 Then
Debug.Print strUser & " has implicit or explicit read " _
& "permissions for " & strDocument & "."
Else
Debug.Print strUser & " has no permissions."
End If
End Sub