app design user with different access rights firebird

[Jim McNamara]

Hi all-

What is the best way to handle this example situation : a user wants to read, update, or delete tasks assigned to them by a boss but not be able to view other employee tasks and update or delete those tasks?

I am using freepascal, and I never designed anything where people have different access rights. Can you reuse controls or do you make separate forms and controls depending on what the access rights are?

Sorry I posted at firebird-general. Right after I posted I read don't post here and that is my first duh moment of the day.

Thanks.

robo-loki

[Jim McNamara]

Hi -

the question got answered at firebird-general. They said to create a user field and filter by that.

thanks!

[DougC]

Depends if you want to really block access to the other records or just do it in the app. Since you have to provide full read, write, delete to the whole table, each user could access the database using a different program and see all records.

---- On Sun, 21 Feb 2021 16:45:07 -0500 Jim McNamara <nefario...@gmail.com> wrote ----

[Jim McNamara]

Thanks Doug. 

I will carefully consider that. robo-loki

[Mark Rotteveel]

On 21-02-2021 23:04, DougC wrote:
> Depends if you want to really block access to the other records or just
> do it in the app. Since you have to provide full read, write, delete to
> the whole table, each user could access the database using a different
> program and see all records.

You don't necessarily have to do that. There is a lot you can do using
views (and selectable stored procedures) to give users the impression
they are accessing tables, while they are not.

Mark
--
Mark Rotteveel

[Jim McNamara]

Okay Mark.

I will look at views. I had considered that. I have a little extra time to fool with firebird this weekend if I can log in to superserver tonight or tomorrow.

thanks.

robo-loki