Let me try to repost the image.
1. What you describe makes no sense. What does that script do exactly? An auto-entered account name is a field option that kicks in when you create a new record or modify a field in the same record referenced in the auto-enter calculation. This is neither a script nor something that is likely to have any effect. Did you set up a "lock expression" in custom privileges that refers to the current user's account name? Even then, any record for which the lock expression does not permit access will display as "No Access". It's typically necessary for a startup script to perform some kind of find in order to hide the "No access" records from view. Note that any find performed by a script or by the user will automatically omit "no access" records.
You can find examples of such a "find script" in the thread you refer to in you original post: Limiting access to a new users
2. For more examples of scripted finds, see: Scripted Find Examples You can, for an example, add a global field to your layout formatted with a drop down list. Selecting a value or typing one end can perform a find for patient records. A conditional value list can be set up that only lists patients for which the current user is permitted access.
When it comes to accessing records, the custom privileges are that "Untrained Users" can view (Yes), edit (Yes) and edit (All) fields, but cannot create or delete records.
And what options did you select for your layouts?
And I can also see that you've selected "minimum" in the available menu commands drop down. In many cases, this is too tightly limited a set of menu commands and often fools new developers into thinking that they have the wrong access permissions when they simply have too tightly limited the available menu commands. You may want to test your limited access accounts with a different option in this menu to see what difference it makes.
Thanks for getting back to me.
The script is set to run at login and serves to forward users with specific privilege sets to specific layouts. Because none of my users have any FM experience, my goal is to limit their access to layouts and menu functions as much as possible. All they'll really be doing is searching out their own patient's records and dropping a report into a container file. They might also update patient contact information, but that will be it.
Specifying lock expressions is well above my skill set. I'm looking for simple solutions. So, how would I make it so the user's name appears in a welcome message?
First, User name and account name are not the same thing. User names are specified for the FileMaker application and are specific to the computer user set. They are specified in Preferences. Account names are defined in Manage | Security. Just to confuse this, FileMaker takes the current USER name and inserts it into the login box for ACCOUNT name as the default account name when you log in.
So Insert Current User Name has no direct connection to what account name is specified when opening the file. Script steps that start with Insert also fail silently to work (no error message interrupts your script) if the specified field (Client Contacts 2008::User) is not present on the current layout when the script step is executed. And what kind of field is "User"?
In any case, that script step has no effect whatsoever on whether the user will be see data or a "No access" screen obscuring the data. Presumably, the "no access" result is due to custom privileges settings that you have specified for records and tables--but this is not a screenshot that you have uploaded for this privilege set.
The script you describe should take the user to the desired layout and show the contents of the User field specified in the script, IF the user field is on that layout and IF the user field was accessible on the current layout at the moment the Insert Script step executed. (I use Set field instead of Insert unless that option is not possible for what I want to do. Set Field [ Client Contacts 2008::User ; Get ( UserName ) ] will put the current user name into the field in cases where insert will fail and without tripping any script triggers that might be set on the field. Get ( AccountName ) can be used to insert the user's account name instead of the computer's user name.
PS. Given that you describe this as "patient data", I don't think you have much choice but to set up a Lock Expression limiting user access to only those patient records that user is authorized to see. Otherwise you could have serious legal repercussions due to violating patient privacy.
I'm still struggling with this, though it seems basic. Here is the new script and a screenshot of the custom layout privileges for The "Untrained Users" privilege set. The 2 highlighted layouts are the only ones I think such users will need at present. I'll also post separately a screenshot of the records privileges for that same privilege set. From where I sit, that should work, but it doesn't.
What's happening now is that whether I log in with my Full Access privileges OR with the Untrained Users privileges, the following message is displayed at login: "This action cannot be performed because this field is not modifiable."
This wasn't what I asked for. Notice that under "records", "custom privileges..." have been selected. I need to see a screen shot of that dialog which is why my last post included this text:
Presumably, the "no access" result is due to custom privileges settings that you have specified for records and tables--but this is not a screenshot that you have uploaded for this privilege set.
"This action cannot be performed because this field is not modifiable."
Sounds like this field is a calculation field and such cannot be used in your script to set a value. You really shouldn't need to do this anyway, but if this were a field of type text, you would not get this error message.
Thanks Phil. You were correct. I had the field "User" set to be a calculation. Changing it to a text field resolved that issue.
Regarding the permissions for Untrained Users, the info you're asking about is indeed present in the image above. Untrained Users can currently view and edit records, and I'm allowing them to access all fields. However, I'm not allowing them to create or delete new records.
Regarding the other issues:
A) How do you recommend I script/establish a Lock Expression to limit Dr. Jones to seeing only those patients whose "Treating Clinician" field = Dr. Jones? (When I look up Lock Expression in the Help file all I see is info on locking objects into place on a layout).
B) Regarding search fields to help users find their patients: I currently have a field called "Full Name" that is a calculation
= First Name & " " & Middle Name & " " & Last Name
If I set the option for Full Name to "Use Global Storage" can I then include the Full Name field onto my layout so users can enter any portion of their patients' names and search from there?
C) An alternative to a single search field would be a list that displays particular fields from a patient record (e.g., First, middle , last name, parent's name, dates seen) that users can click on to take them to that particular record. How can I set that up on the layout?
No, you have not uploaded what I asked for. There's a dialog that opens when you select Custom Privileges in the Records drop down. That is where you apparently have a limitation on what records/tables are accessible as this is how you get a screen with "no access" obscuring the data.
That's puzzling. I see no way that the access permissions shown can possibly produce a layout that displays the "no access" screen when you open the layout....
That typically happens when "no" or "limited" is specified in the "View" column.
Hi Phil. You were correct... the <No Access> issue resolved when I changed the field "User" from a calculation back to a text field.
Are you able to comment on these questions from my Jan 20 post?
1) How do you recommend I script/establish a Lock Expression to limit Dr. Jones to seeing only those patients whose "Treating Clinician" field = Dr. Jones? (When I look up Lock Expression in the Help file all I see is info on locking objects into place on a layout).
2) Regarding search fields to help users find their patients: I currently have a field called "Full Name" that is a calculation
= First Name & " " & Middle Name & " " & Last Name
If I set the option for the "Full Name" field to "Use Global Storage" can I then include the "Full Name" field onto my layout so users can enter any portion of their patients' names and search from there?
3) An alternative to a single search field would be to have a list that automatically displays the names of all of a particular doctor's patients so docs can then click on the one they need and go directly to that record. How can I set up a list like that on the layout?
Thanks for your input.