The best method to accomplish this is to setup a permissions system in your solution. You can make this as complicated or simple as you need or like to. You will want to decide on a group user level set.
Example: User, Superuser, Admin
Then you create your permission scripts to check the logged in persons group level, if that group is not one allowed to do that operation, show dialog "sorry you can't do this, not authorized." and then halt script. Else, it allows them to continue with whatever action they were trying to perform.
You can purchase some really intricate scripting systems that you can then integrate into your solution, but depending on the level of security needed you may be able to build something yourself perfectly satisfactory for your needs.
Read my post and thought I would intterate a tad more...
You make the permissions checking script sets universal. Write them in a way so that you can attach them to any button or link you need to so that it checks that persons permission level before it ever does anything.
You could also have a login grab the account name or group permission level and assign it to a variable or Global field which your scripts could reference at anytime during their login. When they logout, the next person logging in would overwrite the old value, but I would have a logout script wipe it to be safe, and it is just good programming practice to do so, like writing all your error codes.
Example of a good purchased solution for permissions you can integrate into your own solutions for marketing... (I use this one myself for many solutions based on the clients individual needs, otherwise I just write a simple checking system)
Get ( AccountName ) returns the account name of the person who has opened the database. If the user uses "Admin" to open the database, "Admin" will be returned by this function.
If, however, you define a calculation field that uses this function, it will not update each time a user opens the file unless you specify that the calculation field be unstored--so that may be an explanation of the problem here.
Correct, I force a login for solutions I need to do this with, to produce some sort of accountability for those people logged in and what they do while they are logged in.