Security: Add/Delete Users From Form in Code

Tuesday, June 17, 2003 00:53:43
home

Wow. I really plugged away tinkering around with solutions found at Google newsgroup searching. Finally, I found one that halfway worked, once I figured a couple of things on my own and tinkered with it.

Thing is, it was really simple adding a new user in code. The problem was having this user joined to one group at a time. Creating the user and assigning it to a particular group at that time was easy. But to specify that the user should also be joined to another group, that was very difficult for me to figure out how to do. Finally, largely by using my one instincts frankly, I figured out how.

The steps:

  • Create a blank, unbound form. Add a text box named txtUserName. Add 2 command buttons, one named cmdAddUser and another named cmdDeleteUser.
  • Save this form as frmAddDeleteUsers
  • Make sure in your security that ONLY an authorized person can open this form; as it's designed, anyone who can open this form can add users, even if their permissions otherwise are limited.
  • Enter the following code in the form: 
    Private Sub cmdAddUser_Click()
Call CreateNewUser(Me.txtUserName)
End Sub

Private Sub cmdDeleteUser_Click()
Call delete_user(Me.txtUserName)
End Sub
  • Create a new module, name it basAddDeleteUser
  • Enter the following code in the module: 
    
Public Sub CreateNewUser(ByVal strUser As String)

' Create a new user and add them to the Full Data Users group and then to the Users Group
' Returns True on success, False if user already exists
   Dim db As Database
   Dim ws As Workspace
   Dim usr As User
   Dim grpUsers As Group
   Dim strPID As String

' The Next 3 lines are commented out; there appears to be
'  a missing function for detecting if the user you're attempting to add already exists. 
' As it stands, if the operator tries to do this, an error results; error-trapping
' would seem to be the way to handle this if I can't figure out the IsUser function.

'If IsUser(strUser) = True Then
   '   Exit Sub
'End If

'Set ws = DBEngine.Workspaces(0)
' The above set ws is commented out as that was what originally appeared 
' in the code I found. Problem is, only admins could 
' add/delete users.  In my experimentation,  the following edit sort of 
' "logs in" as administrator thus allowing anyone opening this form to add/delete users.
' I wonder if {Dim ws as Workspace} should read {Dim ws as DAO.Workspace}
' I also wonder if {Dim usr as User} should read {Dim usr as DAO.User}. 
' Notice the delete_user function has that syntax.

Set ws = DBEngine.CreateWorkspace("AdminWorkspace", "AdminID", _
        "AdminPassword")
   Const conGroup As String = "Full Data Users"
   ws.Users.Refresh
   ' go ahead and create the user account

   strPID = strUser & strUser
   strPID = Left(strPID, 20)     ' max 20 chars
   
With ws
    Set usr = .CreateUser(strUser, strPID, "")
    .Users.Append usr
    Set grpUsers = usr.CreateGroup(conGroup)
    usr.groups.Append grpUsers
End With
   
'***********************************
' FINALLY FIGURED IT OUT!! This code adds the new user
' to the group Users after having created it and joined it
' to the "Full Data Users" group in the prior code.

With ws
    Set grpUsers = usr.CreateGroup("Users")
    usr.groups.Append grpUsers
End With
ws.Users.Refresh
'***********************************

MsgBox "New user = " & strUser
Set ws = Nothing
Set usr = Nothing
End Sub

Function delete_user(stUsr As String)
' Delete User
Dim wrk As DAO.Workspace
Dim usr As DAO.User
  Set wrk = DBEngine.CreateWorkspace _
        ("", "AdminUser", "AdminPassword", dbUseJet)
  wrk.Users.Delete stUsr
Set wrk = Nothing
Set usr = Nothing
MsgBox "User " & stUsr & " has been deleted."
End Function