The login form will simply filter valid users to the system. But once valid users are in, we still need to implement further security check. The main purpose of the SUL is to limit the access of those valid users to the modules or elements of our system.
Note: "This tutorial will just introduce a simple (lame) approach on how to implement SUL. However, I encourage you to come up with your own method or approach, a kick-ass one. Once again, use some logic."
We will jump-start by expanding our menu list, follow the structure below:
Masterfiles
- Manage Student
- Manage Subject
- Enroll
- Grade Entry
- Search Student
- Student list
- Student Grade
- About
For this tutorial, we will assume that there are three types of user: Administrator, Teacher and Encoder.
Below are their user levels:
Administrator - Overall access
Teacher - Can only access Grade Entry, Search Student, Student list and Student Grade
Encoder - Can only Manage Student and Manage Subject
Now we are ready to edit the database. We need to add another field to the 'User' table, see illustration below:
Table: User
Field Name Data Type Attribute Value
username Text Field Size 15
password Text Field Size 8
fullname Text Field Size 100
usrlevel Number Field Size Byte
The next step is not very impressive, but it will work for now. For the sake of simplicity (but lame) we will device a picture box and a label control to hold our user's user level variable. Add a picture box to your MDIForm. Inside the picturebox, draw a label and name it 'lblUserLevel'.
At this point, we are now ready to write some code. Copy and paste the snippet below to your login form. The exact place on where to put the code is for you to figure out. Use some logic lads.
MDIForm1.lblUserLevel.Caption =Adodc1.Recordset.Fields("usrlevel")
Dim lvl As Integer
lvl = MDIForm1.lblUserLevel.Caption
If lvl = 1 Then
'The following block was written by Miss Mendoza
MDIForm1.muTransGradeEntry.Enabled = True
MDIForm1.mnuQSearchStud.Enabled = True
MDIForm1.mnuRepStudlist.Enabled = True
MDIForm1.mnuStudForm.Enabled = True
MDIForm1.mnuSubjForm.Enabled = True
MDIForm1.mnuTransEnroll.Enabled = True
MDIForm1.mnuRepStudGrade.Enabled = True
MDIForm1.mnuHelpAbout.Enabled = True
'End of Miss Mendoza's code
ElseIf lvl = 2 Then
MDIForm1.muTransGradeEntry.Enabled = True
MDIForm1.mnuQSearchStud.Enabled = True
MDIForm1.mnuRepStudlist.Enabled = True
MDIForm1.mnuStudForm.Enabled = False
MDIForm1.mnuSubjForm.Enabled = False
MDIForm1.mnuTransEnroll.Enabled = False
MDIForm1.mnuRepStudGrade.Enabled = False
MDIForm1.mnuHelpAbout.Enabled = False
'Code of Miss Lito
ElseIf lvl = 3 Then
MDIForm1.mnuStudForm.Enabled = True
MDIForm1.mnuSubjForm.Enabled = True
MDIForm1.mnuTransEnroll.Enabled = False
MDIForm1.muTransGradeEntry.Enabled = False
MDIForm1.mnuQSearchStud.Enabled = False
MDIForm1.mnuRepStudlist.Enabled = False
MDIForm1.mnuRepStudGrade.Enabled = False
MDIForm1.mnuHelpAbout.Enabled = False
End If
'End of Miss Lito's code
For the logout module:
lblUserLevel.Caption = ""
frmLogin.Show 1
Finally, we have one thing left to do and that is to test the program. Run the application and login using our user accounts.
No comments:
Post a Comment