Record Level Access (RLA) calculations in privilege sets that rely upon Get ( ExtendedPrivileges ) or upon certain elements of the security schema itself will fail in FileMaker Pro 10 even though they worked fine in previous versions.
In FileMaker Pro 10, you have to put the name of the privilege set in the calculation. Since the calculation is in the privilege set definition, it is a constant. Much like when doing calculations in scripts running as full access, all privilege calculations are now evaluated from the standpoint of the [Full Access] Privilege Set.
BACKGROUND:
Record Level Access is a key feature of the security schema introduced with the release of FileMaker Pro 7. At its simplest level, it imposes tests to determine whether a user can view, edit, create, or delete records in a given table of a file. The test returns a Boolean result: True or False. If the test is passed, the action is allowed; otherwise, it is blocked.
All of these actions take place within the confines of and the context of a specific Privilege Set. Indeed, the Granularity of Access Principle inherent in the Role Based security model of FileMaker Pro specifically contemplates that the Privilege Set is the overall “wrapper” of a specific set of RLA calculations, along with most all other security based settings. Each specific Privilege Set defines the rules for a specific role; there can be many roles, and therefore, many Privilege Sets.
BEST PRACTICES:
Use only appropriate tests for RLA. This does not include elements of the security or business logic schema themselves, specifically including Extended Privileges, Privilege Set Name, and Layout Name.
Appropriate RLA tests are those whose determinations lie outside the definition of the Privilege Set itself. It is almost circular logic to say that a Privilege Set bit’s definition must rely on something within that Privilege Set itself.
The table below attempts to identify some RLA tests of each type. It surely is not comprehensive, since the access of the calculation engine is so broad.
| APPROPRIATE |
INAPPROPRIATE |
| Get ( AccountName ), although the value for any given Account can be different depending on the authentication method (long name, short name, UNC, UPN) |
A Custom Extended Privilege value within the active Privilege Set, or likely within another Privilege Set if there were a way to access it. |
| Get ( WindowMode ) |
Any tests that will evaluate differently on the client than it will on server, since RLA are sever based.
See answer 6996 |
| Some business-process-driven state of a record, e.g. a lock flag, or record that is not yet committed, etc. |
Likely the name of the Privilege Set itself. |
| Get ( ApplicationVersion ) {possible unexpected results in localized versions other than English due to the way decimal separators are managed} |
Get ( RecordModificationCount ) {has failed in the past in scripted actions} |
| Get ( SystemVersion ) or Get ( SystemPlatform ) (either at gross level of Macintosh or Windows, or a more discrete level, Tiger vs. Panther, XP vs. Vista, etc.) |
ScriptNames, LayoutNames. or WindowNames, etc. since they can be spoofed |
| Get ( CurrentDate ) vs. some other date in the past or future |
|
| Get ( CurrentHostTimeStamp ) vs. an accepted range of times {e.g. records cannot be edited after 1:00 PM on the day they are created} |
|
| ScriptID |
|
| LayoutID (must be coerced by a custom function as a general rule) |
|
|
Print Answer
Email Answer
