There are a number of ways you could do that. The most secure methods will be those that use privilege sets in the Accounts & Privileges area. The issue you have probably already come up against is that you cannot limit field views by calculation (only entire records).
So the solution lies in setting up a separate table for the data you want to protect. There will probably be a one-to-one relationship to this table.
Those accounts that require this level of security will use a privilege set that stops the viewing of the related record is a field is flagged.
Does that make sense? Do you need a sample file?
Some of that is a little advanced for me. I'm not sure about the one-to-one relationship part and privelege set.
A Sample file would be terrific!
Thank you for your help!
OK, I have created a sample file with contacts and protected data. When you open the file, it will open as admin. Click the buttons to alternate between Admin and User logins. When logged in as Admin, have a look at Manage Database... tables and relationships, and have a look at the User privilege set.
Thank you for going to all that trouble. I'm pretty sure that solves my problem, but I'm not exactly sure how to get there. I've never worked with "tables." So it will be fun to try and figure this out!
I found your example at http://www.ulearnit.com.au/samples/Contacts_protectedData.zip to be really interesting. I like the two buttons that switch between privillege sets. I had never used the "Re-Login" script step before, and it is really great for testing different privilege sets. For the User privilege set, I set the calculation to "privacy < 1", and I had the privacy check box defined as "1". Since I was not able to view the privilege set for User in your example, I wasn't sure how you did it. What did you do?
One thing I did not understand was the field "ID" in the "PDATA" table. What does that do?
Thank you for your kind feedback.
You should be able to view the privilege set for the user if you log in as Admin. When you do, you will find that the custom privileges for viewing and editing are set to "not privacy" (without the quotes). This is a neat Boolean expression of what you want to happen.
All my tables have an ID field - it is a primary key (auto-serial). It is there whether it is used/needed or not. In this case it is not yet needed. ;)
When I click on "Log in as ADMIN" and then click on "Manage" and select "Accounts and Privileges" and click on "Privilege Set" and then select "User" I get a dialog box that says "This action cannot be performed because this file is not modifiable." When I click "OK" I then get the "Edit Privilege Set" dialog box, but everything is grayed out so I cannot click on "Records" and see what you did, other than to see the grayed out words "Custom Privileges..." I can modify the extended privilege set, but I cannot save any changes. So is the calculation (without quotes) "privacy = not privacy"? Also, the extra PDATA table in the relationship view confused me initially. Is that also for future reference?
When I copied the file to my computer, I was able to see everything. When I was just opening the file, I couldn't get past "This action cannot be performed because this file is not modifiable." Another DEU! The wording at the bottom of the screen (describing the limited access to records in the "Edit Privilege Set") below the statement that the result is Boolean was a little confusing because it says "Non-zero values are true (access is allowed)..." I assume the NOT means the opposite will happen (access is not allowed when privacy is true - i.e. non-zero).
"...Also, the extra PDATA table in the relationship view confused me initially. Is that also for future reference?"
The file has been set up with Anchor-Buoy methodology. Google that term for more information.
"The wording at the bottom of the screen ... that the result is Boolean was a little confusing because it says "Non-zero values are true (access is allowed)..." I assume the NOT means the opposite will happen (access is not allowed when privacy is true - i.e. non-zero)."
Yes, the "not" in a Boolean calculation will reverse the result. So the expression "not privacy" will allow access (view and edit) when the privacy field is unchecked. This is because "not false" equals "true"! A bit of logic to get your head around. ;)