Then I guess there is only hard and insecure way out.
Add and maintain a user/privilege table.
Userid or username as primary key and privileges associated
with each userid/username.
You client must check if the current user has the
privilege to do updates or not.
I think Access RecordLocks property might do what you
want, but you better read the help.
