Wednesday, September 17, 2014

How To Implement A Simple System User Level In VB6 and MS Access (The Cool Dude Way)

In an organization or company, each employee has certain access level to company's sensitive information. The company keeps an organizational chart which enforce the hierarchy of employee and their current  position. This will enable us to determine which user has access to which part of the system. Since we already have our login facility added to our fancy Project, we will now implement the System User Level.

The login form will simply filter valid users to the system. But once valid users are in, we still need to implement further security check. The main purpose of the SUL is to limit the access of those valid users to the modules or elements of our system.

Note: "This tutorial will just introduce a simple (lame) approach on how to implement SUL. However, I encourage you to come up with your own method or approach, a kick-ass one. Once again, use some logic."

We will jump-start by expanding our menu list, follow the structure below:

Masterfiles
  • Manage Student
  • Manage Subject
 Transactions
  • Enroll
  • Grade Entry
Queries
  • Search Student
Reports
  • Student list
  • Student Grade
Help
  • About
Log-out


For this tutorial, we will assume that there are three types of user: Administrator, Teacher and Encoder.
Below are their user levels:

Administrator - Overall access
Teacher - Can only access Grade Entry, Search Student, Student list and Student Grade
Encoder - Can only Manage Student and Manage Subject

Now we are ready to edit the database. We need to add another field to the 'User' table, see illustration below:

Table: User
Field Name               Data Type         Attribute           Value
username                  Text                    Field Size          15
password                  Text                    Field Size           8
fullname                   Text                    Field Size          100
usrlevel                    Number             Field Size          Byte

The next step is not very impressive, but it will work for now. For the sake of simplicity (but lame) we will device a picture box and a label control to hold our user's user level variable. Add a picture box to your MDIForm. Inside the picturebox, draw a label and name it 'lblUserLevel'.

At this point, we are now ready to write some code. Copy and paste the snippet below to your login form. The exact place on where to put the code is for you to figure out. Use some logic lads.

        MDIForm1.lblUserLevel.Caption =Adodc1.Recordset.Fields("usrlevel")       
        Dim lvl As Integer   


        lvl = MDIForm1.lblUserLevel.Caption
    
        If lvl = 1 Then

            'The following block was written by Miss Mendoza
            MDIForm1.muTransGradeEntry.Enabled = True
            MDIForm1.mnuQSearchStud.Enabled = True
            MDIForm1.mnuRepStudlist.Enabled = True
           
            MDIForm1.mnuStudForm.Enabled = True
            MDIForm1.mnuSubjForm.Enabled = True
           
            MDIForm1.mnuTransEnroll.Enabled = True
            MDIForm1.mnuRepStudGrade.Enabled = True
            MDIForm1.mnuHelpAbout.Enabled = True
            'End of Miss Mendoza's code
        


       
        ElseIf lvl = 2 Then

           
            MDIForm1.muTransGradeEntry.Enabled = True
            MDIForm1.mnuQSearchStud.Enabled = True
            MDIForm1.mnuRepStudlist.Enabled = True
           
            MDIForm1.mnuStudForm.Enabled = False
            MDIForm1.mnuSubjForm.Enabled = False
           
            MDIForm1.mnuTransEnroll.Enabled = False
            MDIForm1.mnuRepStudGrade.Enabled = False
            MDIForm1.mnuHelpAbout.Enabled = False
        

       'Code of Miss Lito   
        ElseIf lvl = 3 Then
            MDIForm1.mnuStudForm.Enabled = True
            MDIForm1.mnuSubjForm.Enabled = True           
           
            MDIForm1.mnuTransEnroll.Enabled = False
            MDIForm1.muTransGradeEntry.Enabled = False
            MDIForm1.mnuQSearchStud.Enabled = False
            MDIForm1.mnuRepStudlist.Enabled = False
            MDIForm1.mnuRepStudGrade.Enabled = False
            MDIForm1.mnuHelpAbout.Enabled = False
                         
           
        End If

        'End of Miss Lito's code 

For the logout module:

        lblUserLevel.Caption = ""
        frmLogin.Show 1

Finally, we have one thing left to do and that is to test the  program. Run the application and login using our user accounts.




No comments:

Post a Comment