Issue with get(privilegesetname)
I have a script that needs to set values in fields that are restricted via privilege set (external authentication). Only the administrator has write access to these fields. In order for regular users to set the values I need to run the script with full privileges. My problem is that only one group of users is allowed to run this script but I can't test using get(privilegesetname) since it will always evaluate to "Fulll Access" since the script is running under full access.
The only way I can get around this conundrum is to set their privilege set as a global and test the global when running the script. But how can I protect this field from being modified manually by the users? They simply have to place the field on one of the layouts to which they have editing access and they can edit the value to give themselves access. Using a variable is a little more secure but only because there is no easy way to get the variable name (once they find out the variable name, they can get around the security).
Is there a secure way to do this? Or is the variable the only way available?