Re: MS Access interface to Oracle 7
Date: 1995/05/13
Message-ID: <879287499wnr_at_scroll.demon.co.uk>#1/1
In article: <3ob2rd$3tuf_at_lamar.ColoState.EDU> ana_at_lamar.ColoState.EDU (Ana Silva) writes:
>
> John Malathronas (John_at_scroll.demon.co.uk) wrote:
>
> : Indeed you can. This is a big problem, because once you
> : have installed ODBC and SQL*Net 2.0 - your users can go
> : directly to the tables and bypass any of your forms, be
> : they Visual Basic or ACCESS or Forms 4.5. Once you have
> : granted update/delete access to a table, thinking that
> : your user will always use a particular form, the user
> : can fire up Access and have access to the table records
> : RAW. It is terrible. It's as if you are giving all
> : your users SQLPLUS access to your database.
>
> We're thinking about taking care of this problem by using
> roles. To start, nobody has update/delete rights to anything.
> Whenever the form starts (startup trigger) it creates
> the roles granting permission to the specific users, allowing
> to change the table. When the user exits the form (post-form
> maybe) it "deletes" the role. We're still working on this,
> so I don't have all the details.
> Hope this helps,
>
> Ana
>
I am glad someone else has recognised this. We have stopped
using the default base table on a form and we only use
control blocks with triggers to the 'base' tables on-delete
on-update etc. Which rather defeats the purpose of having
all these wonderful tools does it not ?
I am not sure whether it is SQL*Net which is at fault or the ODBC architecture.
John Malathronas | My opinions are my own, so I change them daily. + -----------------------| |john_at_scroll.demon.co.uk| "Only fools learn from their own mistakes " +
-----------------------|---------------------------------------------------Received on Sat May 13 1995 - 00:00:00 CEST