Now that you’ve identified the roles people will take when using your solution, you’re ready to describe them in your solution as privilege sets. A privilege set specifies a level of access within your solution. It gives you many options for limiting access, such as which layouts are viewable, which menus are available, and whether printing is permitted. Privilege sets can also restrict access to particular tables, records, or fields within a file.
Once you’ve created your privilege sets, you assign them to one or more user accounts, establishing the level of access for each user. When you make a change to a given privilege set, the change affects all users associated with the set. Should you need to change the level of access for a single user, you simply assign a different privilege set to their account.
Many solutions only need three or four privilege sets. Here’s a typical example:
- Full access — can do everything in the system, including using the Manage Database window to define fields and create relationships
- Administrator — cannot use Manage Database but has full access to all data, the ability to run reports, and the ability to export records
- Super-user — similar to Administrator but not permitted to see sensitive data
- Team — similar to Super-user but not permitted to run reports or export records
Default privilege sets
Every new FileMaker Pro file starts with three default privilege sets: [Full Access], [Data Entry Only], and [Read-Only Access]. They cannot be changed or deleted and only cover a limited number of security scenarios. As the developer, you will use the [Full Access] privilege set, which is the only privilege set that has access to the Manage Database dialog window. This allows you to modify table and field definitions and create relationships.
Privilege set areas
Let’s have a look at how privilege sets are set up. FileMaker Pro groups privileges into three areas: Data Access and Design, Extended Privileges, and Other Privileges:
- Data Access and Design
These four options limit the user’s interaction with records, layouts, value lists, and scripts. Each option gives several choices for access to all tables, layouts, value lists, or scripts, but they also provide more customizable options for controlling specific tables, layouts, value lists, and scripts.
- Extended Privileges
These control access to hosted files via the network, FileMaker WebDirect, FileMaker Pro’s API for PHP, and other technologies. For this training, you only need to understand one extended privilege: “Access via FileMaker Network (fmapp)”, which allows people to access your solution once it is hosted.
- Other Privileges
This area contains an assortment of important options, such as whether the user can print, export data, or modify their own password. Here are some details:
- Allow Printing is required if the user is going to do any printing within the solution.
- Allow exporting is required if the user is going to export data from the solution for use in Excel or other systems.
- Manage extended privileges and Allow user to override data validation warnings are powerful options since they allow users to bypass some of your security settings. Reserve these for the “[Full Access]” account for now.
- Disconnect user from server when idle helps to manage the number of people connected to your solution by logging them out when they are inactive. However, this can be inconvenient for people who are frequently interrupted in their work.
- Allow user to modify their own password is necessary if you’re going to ask users to change their password periodically, which is a best practice for security.
- Available menu commands actually changes the actual FileMaker Pro menus: if you choose “Editing only”, only basic editing commands are displayed, and “Minimum” reduces the user’s options even further.
Your solution's roles
For the purpose of this exercise, we’re assuming that your solution includes a manager role who needs to be able to access and print reports and other screens as well as export data. We’re also assuming that you have a team member role that’s similar to the manager, but who shouldn’t access reports, print anything, export data, or delete records from your main table. Feel free to make other decisions based on your users' needs.
Create a manager-level privilege set using the "Sales Team Manager" set in the example solution as a model.
- Choose the File menu > Manage > Security… ⇧⌘D
You'll use Detailed Setup to view, duplicate, and edit your privilege sets.
- Click the Use Detailed Setup... button at the bottom left of the screen.
- Switch to the Privilege Sets tab.
The three default privilege sets are listed.
- Select the “[Data Entry Only]” privilege set and click the Duplicate button.
This creates a new, editable privilege set based on “[Data Entry Only]”.
- Click the Edit button.
An Edit Privilege Set dialog window appears.
- Change the Privilege Set Name so that it describes the manager role.
For the example scenario, we used “Sales Team Manager”.
Data Access and Design Area
- Choose “Create, edit, and delete in all tables” for the Records option.
This gives your manager full control over record data in your solution.
- Choose “All view only” for the Layouts option.
In this future, you might want to allow certain users to be able to create their own layouts for specific data entry or reporting purposes, but unless they are experienced with FileMaker Pro and share your vision of the solution, your users shouldn’t be permitted to modify layouts.
- Choose “All modifiable” for the Value Lists option.
Editing value lists could be useful, though it could be a little risky depending on your users’ technical ability. Make this decision based on the role and what you know about the people filling the role.
- Choose “All executable only” for the Scripts option.
In the future, you might want to allow certain users to create scripts that automate their specific workflow, but unless your users are experienced with FileMaker Pro and share your vision of the solution, they shouldn’t be permitted to modify scripts.
Extended Privileges Area
- Select the “Access via FileMaker Network (fmapp)” option.
Other Privileges Area
- Select Allow printing.
- Select Allow exporting.
- Select Allow user to modify their own password.
- Select Must be changed every X days, and specify 90 days.
This is a common security standard that makes it harder for people to steal passwords over time.
- Select Minimum password length: and set the value to at least 8 characters.
The length of a password doesn’t guarantee that it will be strong, but it’s a good start.
- Set Available menu commands to “All”.
Since you’re still getting to know the FileMaker menus, we recommend that you choose “All” for now. You can experiment with limiting the available menu commands later.
- Click the OK button to save your privilege set and return to the Manage Security… dialog window.