FileMaker Extra: Working with Multiple Files

FileMaker Extra Working with Multiple Files

Throughout this chapter we have been careful to note that security settings are specific to a single file within FileMaker. If you have a solution that spans multiple files, you will need to duplicate your account and privilege settings across those multiple files. This can become onerous when you have more than a handful of accounts or groups.

Privilege sets within FileMaker cannot be programmatically controlled. In other words, you cannot use a script to define a privilege set. You will need to create the appropriate privilege sets in each file of your solution. This is as expected: By definition each privilege set should be specific to the file in which it sits.

Accounts, on the other hand, can be managed by script, and there are some techniques you can use to simplify the management of accounts within your suite of files.

These are the Accounts script steps available to you:

• Add Account Using this script step, you can add an account to your file. Note that the script step dialog shown in Figure 12.17 requires that it be associated with a specific privilege set. You will need to create as many Add Account scripts as you have privilege sets. Note that this script step works only for internally authenticated accounts.

  Figure 12.17. The Add Account script step allows you to add internally authenticated users to a file.

• Delete Account This allows you to permanently remove an account (by name) from your file.
• Reset Account Password Resetting the account password allows you to change it to a default of some sort without knowing the prior password.
• Change Password Change Password requires the current password followed by the new password.
• Enable Account This allows you to activate and deactivate an account. This is a nonpermanent way to deny someone access.
• Re-login FileMaker will prompt the user to log in again, or you can store credentials in this script step to do so without a dialog.

To use these script steps to support work in multiple files, you will need to create a user interface that allows users to create accounts and change passwords. Note that in the dialog shown in Figure 12.17, there is a Specify button next to both the Account Name and the Password boxes.

First, create a layout (or dialog) that will ask a user for a new account name and password she wants to add to your multifile solution. You should have the user enter that information into two fields set with global storage. You will also need a pop-up menu of privilege sets available within your solution (and certainly you should feel free to omit those that are sensitive, such as [Full Access]).

Second, write a script that calls subscripts in each of your solution files. The subscript should use the Add Account script step to create the new user account. Where you need to provide an account name and password, simply reference the two global fields you had set up previously. Note that with global fields, you can add an external table occurrence from a different file and gain access to the fields as you need.

You can follow similar techniques for changing passwords, deleting accounts, and enabling them.