I would like to create an emplyee expense entry form in my database. I want
the "employee" filed, identifying who made the charges, to be restricted to
the employee that cooresponds with the user logged on. How is this done?
Joan has already given the technical answers. I just add a few things.
Clearly, one needs to have a "logonID-to-FullUsername" table. It's easy enough
to have/maintain an additional table which maps logons to actual user names.
This is needed because a) logons tend to be cryptic, might even be based on
some job description such as "User1". b) for all we know, there is nothing to
stop several people using the same logon, or an existing logged-on PC, etc.
"Usually" this is no big deal, but if you're logging the employee's "personal
stuff" based on the logon, then obviously there needs to be commensurate
training on "logging off"!!!
-----
To fill out, say, "Expense Details", I'd expect as a programmer to need to
emblazon across the screen who exactly the program thinks is logged on! Well,
strange things happen! There's no guarantee that "Joe" is really "Joe" just
based on logon, and certainly not if there's a dispute.
(Perhaps the "expense form" should require some "each-time" validating ID or
"PID". For the sites I know, too easy for user to make a mistake by just
relying on "login" ***unless strictly enforced***)
-----
Windows Login Name is likely to be even worse, so far as "leaving logged on"
is concerned.
-----
Other than that, CurrentUser criteria in SQL queries, and possibly "Owner
permissions" (lookup Help, RWOP, Run With Owner Permission) may sometimes
assist to tighten things down. RWOP helps to not be able to see other user's
data, assuming logon/logoff is enforced.
Of course, ULS (User Level Security) is what this is all based on, but ULS has
been discontinued (apart from Legacy-Mode) in A2007. Therefore, if I was
future-looking (I'm not <g>), I'd be looking at how to replace the entire ULS
model !!!
-----
(in short, it'll only work as well as you enforce logon/logoff. And there are
no in-built timeouts or any other security check. I have to go now and check
my expenses...)
(When I visit sites, I can SEE my software is being used because many, many,
screens are sitting there unattended with my s/w up! If I had a security
problem with certain stuff being up and unattended, I'm sure I'd have some
timeout.)(On Timer event on a form, for instance)
-----
<yawn> (sorry for repetition!) Separate validation besides logon, for
something "critical", would allow user to use any existing logged-on screen,
and also the logged-on screen to remain secure?
Yours paranoid!
Chris
