Problem: you want to detect ahead of time whether a user has sufficient privileges to view, edit, create records in or delete records in a table. Right now our only option is to Set Error Capture [ On ], try the operation, and see what Get ( LastError ) returns.
Here is a relatively simple way to detect record-level access ahead of time. Attached is a video and a demo file.
1. Each table should have four global number fields: canView, canEdit, canCreate, and canDelete.
2. Add a custom function:
hasAccess ( entity ; View|Edit|Delete|Create|Layout ) =
Case ( View|Edit|Delete|Create|Layout = "Layout" ; not IsEmpty ( FilterValues ( LayoutNames ( "" ) ; entity ) ) ; // Else EvaluationError ( Evaluate ( entity & "::can" & View|Edit|Delete|Create|Layout ) ) = 0 )
Set up your account privileges as per usual. The one extra step is to set your field-level privileges for each table so that access privileges for the four fields above match the access privileges for the table.
For example, if you want to allow View and Edit for a table but prevent Create and Delete, you would set the privileges for canView and canEdit to modifiable and the privileges for canCreate and canDelete to no access.
hasAccess( LayoutName ; "Layout" ) will return 1 if a user has privileges for a specific layout.
hasAccess( TableName ; "Edit") will return a 1 if a user has edit privileges for a table, or a 0 if the user does not.
hasAccess() will return 0 in any case if you've turned off View access for a table... the View parameter is probably redundant but I went too far with this to change it now.