That is quite an interesting issue with that Get function, I had not noticed it before.
Having had a quick test a way around this would be for you to setup a separate Sub-script that simply had the step Set Variable [ $$Privilege ; get ( PrivilegeSetName ) ] and so not set the 'Run script with full access privileges' option.
Call this script using the Perform Script step before doing the test on the users Privilege set and then test on the global variable $$Privilege
That is one way around it.
Yes, that is more or less what I described in my message. But the user still has a way to access and modify that variable. My users have limited access to certain layouts and have the ability to create new layouts as well as new scripts (so they can create new label layouts, reports etc and scripts to run them). They only have access to their scripts but even with these limited permissions, they can easily circumvent the security model that we are proposing.
Are all the customisable actions related to print layouts and Reports?
Another option to think about may be to give them a separate Interface File for there printing and reporting, they can modify as much as they like, not affect the main system which remains completely locked down.
You could then have Report tables you import the required data into so they can modify calcs etc without affecting the main data.
Just a thought.
You need two scripts, for example:
If [ Get (PrivilegeSetName) = <something> ]
Perform Script [ SubScript ]End If
Set only the subscript to run with full privileges.
In version 8 and above you can do this a bit more elegantly:
Perform Script [ Check Privileges ]
If [ Get (ScriptResult) = <something> ]
# Do some stuff
Here, the main script is set to run with full privileges. The subscript 'Check Privileges' does only this:
Exit Script [ Result: Get (PrivilegeSetName) ]
Very elegant solution "Comment". At first blush it seems to solve my problem. Thank you.
Orlando, we do use the data sepearated model for most of our stuff but not all, and some reports are just easier to do in the table.