I'm trying to have a table only be updated by queries in the access database and prevent the ability for anyone to update the data in the tables physically. They will be able to still open the table and look at the data though.
Is this possible and not use the access web app?
Related
I want to be able to access to documents through a MySQL database(for example I want to create a table that has users and each user has some documents that they stored in alfresco so I want to access to them through this table)
Application layer of Alfresco managed whole database itself. You should not change this database directly. If you want to deal with permission to files, use standard feature https://docs.alfresco.com/content-services/latest/using/permissions).
There is a database with different tables for a mobile phone application.
UserIds are stored in the table for each row. Only these users should be allowed to read these data sets. Is this technically possible? If yes, how can I implement this?
I have a smartphone app where users can register to access the self created data. But I want to avoid a security hole that allows access to the whole table.
Edit: Correct text
I have created a link from access to the SQL server, but we also want to create a button in Access entry form so it would be easier to synchronize our data from access to SQL server. Already have a corresponding table in the SQL server and the link. Initially, I thought it would be straightforward to add a button on the Access form, to add a button and create a macro event, but my coworker said it would be complicated. So can anyone help to show me what I am expecting in this assignment as I am not able to find useful information so far?
A truly linked table does not need synchronization. It only exists in one location. For example: If you create a table in SQL and then make a linked table in Access then the changes in Access are written directly to the SQL table. The Access table doesn't contain anything but the link. This would be the correct set up.
I have ms access file of mdb format. I want audit trail enabled on one table. For every change I need to modified row details in audit trail table.
Here issue is, table doesnt use forms to update/insert/delete and it has composite primary key. We can enable audit trail if we use .accdb format(2010 access-by enabling Data Macros).
But I don't want to change existing file format. Is there a way to do this? Please suggest.
No, you cannot do what you describe using Access alone.
If you are adamant about keeping the .mdb file format then you cannot use Data Macros so the only way you could write to the audit table would be through VBA code behind forms. Any changes made directly to the data table would not be audited.
If you converted the back-end database to an Access 2010 .accdb then you could use Data Macros to update the audit table, but the audit table would not be secure. Users would need write access to the audit table so the Data Macro could update it. However, if they can write to the audit table indirectly via the Data Macro they can also write to the audit table directly. A malicious user could circumvent the audit by simply altering the audit table after updating the data table. (And, by logical extension, there is no way to audit changes to the audit table.)
One conceivable workaround would be to keep the data table in Access 2010 and put the audit table in a truly secure location like a SQL Server database. Unfortunately, that won't work because Data Macros cannot update linked tables.
So, in order to have a reliable and meaningful audit feature you will have to move your data tables to a secure back-end like SQL Server (or perhaps MySQL, or any number of other options), set the appropriate permissions on the data and audit tables, and use a mechanism like triggers to maintain the audit table. You could continue to use Access as the front-end interface (via ODBC linked tables to the back-end database) but the security and auditing functions would have to be handled by the back-end, not by Access.
I am developing a web application in which a user can Create a table in data base. I am thinking on taking the attribute names and table description from user and put them into SQL query and execute it. But the drawback is that if this application is installed somewhere else all the db connection parameters have to be changed secondly it will be hard coded. Or is this the approach in software industry?
Another approach I can think of is taking all the information about creating a new table from user and inserting them into one table and have some kind of trigger on this table which creates a new table everytime when insertion is performed into the first table.What would be the SQL Script for such thing if my approach is correct?
I am using SPRING - MVC, Hibernate, MySQL, REST web service
Please correct me if I am thinking in wrong direction. TO be honest I am not clear on how I am going to do this.
Thanks
This is risky, since a database schema with a vague and ever-expanding schema will become difficult to manage. Your problem isn't how to manage the credentials, which you would have to handle securely whether users were creating tables or not. Your problem is why it seems necessary for users to create tables.
Are you building an interface to manage arbitrary databases? Maybe phpmyadmin would give your users everything they need.
Or are you doing something not quite so general purpose and open ended? Perhaps with a sufficiently rich table design, you can give the users what they want without requiring that they build their own tables. What information do users have to put in a table that it looks like they need to build their own?
If you are more specific with your objectives, we could be more helpful.