Extended Privileges

2017-11-03 09:05:03

Extended privileges come in two flavors. There's a set of default extended privileges that let you determine how your users interact with shared databases. And you can create custom extended privileges to assign special privileges that can be turned off and on at will. All extended privileges are tied to privilege sets, to which you can add one or more Extended privileges.

16.4.1. Default Extended Privileges

The default extended privileges let you determine which method users are allowed to use to connect to your database. The default extended privileges are:

[fmiwp] This privilege set allows users to connect to the database using Instant Web Publishing, which requires FileMaker Server Advanced. See Section 18.2 for details on setting up IWP.

[fmxdbc] This privilege set allows users to connect to the database ODBC/JDBC connections to other databases like SQL and Oracle. XDBC connections also require FMSA. See Section 18.3.3.3 for details on configuring FileMaker Server to allow xDBC connections.

[fmapp] This privilege set allows users to connect to the database when you're sharing it via FileMaker Server. See Section 18.3 for details.

[fmmobile] This privilege set allows users to connect to the database using FileMaker Mobile, a special version of the program used on PDA devices. FileMaker Mobile is not covered in this book. See FileMaker Mobile help file or manual for details.

fmxml This privilege set allows users to connect to the database through the web, when you're creating custom XML pages, which requires FMSA. See the references on Section A.1.3 for details.

xmxslt XSLT files work in conjunction with XML files to share data through custom web publishing.

Say you have 35 local users who need access to your database through FileMaker Server. Then you've got another 75 users in other locations who should use the internet to access your files. If these users need the same privileges, you can make sure your internal people don't use their browsers to access the files and the remote users can't login to the network files using the company WAN by setting up two Privilege Sets that are identical, except one has [fmapp] extended privileges and the other has [fmiwp] privileges.

Tip: You can have everything set perfectly on your FileMaker Server machine and people still can't get into the files over the network unless you remember to assign [fmapp] privileges to at least one privilege set and then assign that privilege set to an account.

On the other hand, the custom extended privileges you create don't actually add any privileges on their own. Instead, using scripts, you can check to see whether the active privilege set has an extended privilege before you allow the user to do anything important or irreversible. To use this feature fully, write your scripts with extended privileges in mind. Then, when you need to temporarily give extra power to a particular privilege set, you just turn on a checkbox in the Edit Privilege Set window and all your scripts do the right thing. The next section takes you through one example.

16.4.2. Creating an Extended Privilege

Suppose you've decided to let Project Managers delete records directly, and you give them that power in their privilege set. When other people try to delete a customer record, you want FileMaker to flag the record instead, so that a manager can find and delete the flagged records later. To automate the process, you write a Delete script, using the Get ( PrivilegeSetName ) function to check whether the person's a manager before deleting the records.

Here's how to set up the extended privileges so you can use them in the script. Open the Define Accounts & Privileges window and click the Extended Privileges tab. Then click New. You see the Edit Extended Privilege window on your screen. It's also in Figure 16-15. This extended privilege controls a user's ability to directly delete customer records, so put "Directly delete customer records" in the Description box. For the Keyword, enter delcust as an abbreviation. While you're here, turn on the checkbox next to [Full Access]. For now, only those people with full access can delete customer records. When you're done, click OK.

Figure 16-15. The Edit Extended Privilege window lets you give your extended privilege a keyword and description. The description should say what the extended privilege is for. The keyword can be anything you want; it's wgat you'll look for in your scripts, so once you start using an extended privilege, you probably don't want to change its keyword. You can also tell FileMaker which privilege sets have this extended privilege turned on by clicking the Access list's checkboxes.

16.4.3. Checking for an Extended Privilege

Now you need to write your script. You'll use the Get ( ExtendedPrivileges ) function to ask FileMaker for the list of extended privileges turned on for the active privilege set. The script checks to see if this list includes "delcust," and takes the appropriate action. While creating this script, you need to add a new text field called Delete Flag to the Customers table. You can see the finished script in Figure 16-16.

Figure 16-16. This script first checks to make sure you're on a layout associated with the Customers table occurrence. If not, it refuses to run. If you're on the right layout, it then checks your extended privileges to see if you have the "delcust" privilege turned on. If you do, it deletes the record. If you don't, it sets the Delete Flag field instead.

Try out your script by running it from the Customers layout. Assuming you're working in the Admin account, the script should delete the customer record, since you have the [Full Access] privilege set. Then close the database and open it again. This time, log in as someone assigned the Project Manager privilege set. Project Manager doesn't have the "delcust" extended privilege turned on, so when you run the script this time, it sets the Delete Flag field instead of deleting the record.

16.4.4. Assigning Extended Privileges

To give Project Managers the ability to delete customers directly, which is the whole point of the script you just wrote, you have two options: First, you can edit the Project Manager privilege set itself. The Edit Privilege Set window has a list of extended privileges in the bottom-left corner where you can control which extended privileges are turned on (see Figure 16-17). To give Project Managers the power to delete customer records, just turn on the checkbox next to "Directly delete customer records." If you're adding it to only a privilege set, editing the privilege set itself is the easiest way to turn on an Extended Privilege.

If you have a few Privilege Sets that need the same Extended Privilege, there's an alternate method: Go to the Define Accounts & Privileges window's Extended Privileges tab and edit the "delcust" extended privilege instead. This way, you see all the Privilege Sets in a list. In the Edit Extended Privilege window, you can turn the extended privilege off or on for any privilege set by clicking the checkboxes in the list of privilege sets.

To test the "delcust" Extended Privilege, turn it on for the Project Manager privilege set and close the database. Then open it, log in as a Project Manager, and run the Delete Customer script. This time it deletes the customer right away. (See Section 16.5.4.2 to see how the Re-login script step can make testing security settings easier.)

Figure 16-17. The list of extended privileges in the Edit Privilege Set window shows every extended privilege defined in the database, each with a checkbox beside it. If you turn one of these checkboxes on, you're giving this privilege set access to everything controlled by that extended privilege.

Категории