Permissions Property

Applies To

Container object, Document object.

Description

Sets or returns a value that establishes the permissions for the user or group identified by the UserName property of a Container or Document object (Microsoft Jet workspaces only).

Settings and Return Values

The setting or return value is a Long constant that establishes permissions. The following tables list the valid constants for the Permissions property of various DAO objects. Unless otherwise noted, all constants shown in all tables are valid for Document objects.

The following table lists possible values for Container objects other than Tables and Databases containers.

Constant

Description

dbSecNoAccess

The user doesn't have access to the object (not valid for Document objects).

dbSecFullAccess

The user has full access to the object.

dbSecDelete

The user can delete the object.

dbSecReadSec

The user can read the object's security-related information.

dbSecWriteSec

The user can alter access permissions.

dbSecWriteOwner

The user can change the Owner property setting.


The following tables lists the possible settings and return values for the Tables container.

Constant

Description

dbSecCreate

The user can create new documents (not valid for Document objects).

dbSecReadDef

The user can read the table definition, including column and index information.

dbSecWriteDef

The user can modify or delete the table definition, including column and index information.

dbSecRetrieveData

The user can retrieve data from the Document object.

dbSecInsertData

The user can add records.

dbSecReplaceData

The user can modify records.

dbSecDeleteData

The user can delete records.


The following tables lists the possible settings and return values for the Databases container.

Constant

Description

dbSecDBAdmin

The user can replicate a database and change the database password (not valid for Document objects).

dbSecDBCreate

The user can create new databases. This option is valid only on the Databases container in the workgroup information file (System.mdw). This constant isn't valid for Document objects.

dbSecDBExclusive

The user has exclusive access to the database.

dbSecDBOpen

The user can open the database.


Remarks

Use this property to establish or determine the type of read/write permissions the user has for a Container or Document object.

A Document object inherits the permissions for users from its Container object, provided the Inherit property of the Container object is set for those users or for a group to which the users belong. By setting a Document object's Permissions and UserName properties later, you can further refine the access control behavior of your object.

If you want to set or return permissions for a user that includes permissions inherited from any groups to which the user belongs, use the AllPermissions property.

See Also

Inherited property, UserName property.

Specifics (Microsoft Access)

Microsoft Access defines four types of Container objects in addition to those defined by the Microsoft Jet database engine. These include the Forms, Reports, Scripts, or Modules Container objects. Individual Form, Report, Script and Module Document objects belong to the Documents collections of these Container objects. For these Container and Document objects, you can also set the Permissions property to the following constants.

Constant

User or group can

acSecFrmRptReadDef

Open the form or report in Design view but not make any changes.

acSecFrmRptWriteDef

Modify or delete the form or report in Design view.

acSecFrmRptExecute

Open the form in Form view or Datasheet view; print or open the report in Sample Preview or Print Preview.

acSecMacReadDef

Open the Macro window and view a macro without making changes.

acSecMacWriteDef

Modify or delete the macro in the Macro window.

acSecModReadDef

Open the module but not make any changes.

acSecModWriteDef

Modify or delete the contents of a module.

acSecMacExecute

Run the macro.


Example

See the AllPermissions property example.

Example (Microsoft Access)

The following example adds a new user account by creating a User object and appending it to the Users collection of the default workspace. It then sets permissions for the new user for all tables in the database. The procedure first sets the UserName property of a Tables Container object to the name of the new user, then sets the Permissions property to the appropriate permissions.

Note that the And operator performs a bitwise comparison to determine whether an attribute is currently set.

Note When programming security, you should avoid including actual password and PID information in your code. The following example is intended for demonstration purposes only.

Function SetPermissions(strName As String, strPID As String, _
        strPassword As String) As Boolean
    Dim dbs As Database, ctrTables As Container
    Dim wspDefault As Workspace, usrNew As User

    On Error GoTo ErrorSetPermissions
    ' Return reference to default workspace.
    Set wspDefault = DBEngine.Workspaces(0)
    ' Create User object, specifying name, PID, and password.
    Set usrNew = wspDefault.CreateUser(strName, strPID, strPassword)
    ' Append to Users collection of default workspace.
    wspDefault.Users.Append usrNew
    ' Return reference to current database.
    Set dbs = CurrentDb
    ' Return reference to Tables container.
    Set ctrTables = dbs.Containers!Tables
    ctrTables.UserName = usrNew.Name
    ' Set new user's permissions for tables.
    ctrTables.Permissions = dbSecInsertData _
        And dbSecReplaceData And dbSecDeleteData
    SetPermissions = True

ExitSetPermissions
    Set dbs = Nothing
    Exit Function

ErrorSetPermissions
    MsgBox Err & ": " & Err.Description
    SetPermissions = False
    Resume ExitSetPermissions
End Function
The next procedure prompts the user to enter his or her name and a password and creates a PID value:

Sub NewUserPrompt()
    Dim strName As String, strPassword As String
    Dim intR As Integer, strPID As String
    Dim blnReturn As Boolean

    ' Prompt user for name and password.
    strName = InputBox("Enter your name.")
    strPassword = InputBox("Enter a password with up to 14 characters.")
    ' Seed random number generator.
    Randomize
    ' Generate PID string.
    For intR = 0 To 19
        strPID = strPID & Chr$(Int(256 * Rnd))
    Next intR
    ' Call SetPermissions function.
    blnReturn = SetPermissions(strName, strPID, strPassword)
End Sub