Adam,

<< What I'm wanting to do is have a table that stores a list of staff
members, and what roles they're allowed to do. (In many cases not database
related). Such as which reports they can access, controlling external
switches, what areas of the program they can and can't access, etc). >>

Just so you know, many config/database objects in EDB, including users/roles
have attributes that can be modified with DDL statements.  Therefore, you
could easily use the users/roles in EDB and tag each role with the
*application roles* that the role applies to.   The attributes are just
text, so you can use key-value pairs, XML, etc.

If you have any other questions, please let me know.

Tim Young
Elevate Software
www.elevatesoft.com

Roy,

<< I think the type of access control that's built into ElevateDB is really
intended for those databases where multiple different applications not all
necessarily under the control of the same developer can access it. When you
have that you pretty much need to bake some sort of control into the
database.

Desktop apps (even when shared) are generally under the control of a single
developer and hence don't benefit as much from this approach. >>

DBISAM taught me one thing:  after a vertical market database application is
out there in the market, the first thing that customers want to start doing
is access the database for reporting purposes.  The next thing that happens
is the developers contact us asking us how they can lock out the customers
from doing anything damaging.

Tim Young
Elevate Software
www.elevatesoft.com

> Just so you know, many config/database objects in EDB, including
> users/roles have attributes that can be modified with DDL statements.
> Therefore, you could easily use the users/roles in EDB and tag each role
> with the *application roles* that the role applies to.   The attributes
> are just text, so you can use key-value pairs, XML, etc.

Thanks Tim - I'll check this out. Options are always good to have.

Cheers

Adam.

Tim


>DBISAM taught me one thing: after a vertical market database application is
>out there in the market, the first thing that customers want to start doing
>is access the database for reporting purposes. The next thing that happens
>is the developers contact us asking us how they can lock out the customers
>from doing anything damaging.

ROFAL

Roy