5 Replies Latest reply on Sep 22, 2015 1:36 AM by richard@itech

    Need to authorise creation of new record

    richard@itech

      Hi

       

      I am working on a solution which has users privilege sets to determine access levels. A transaction table is used to store records, and if a low level user is logged in, I need to have this record creation authorised by a higher level user.

       

      What I have come up with so far is this:-

           Store current users name in variable

      Loop

           Custom dialog box comes up asking for authorisers Username and password, the values are saved in global fields.

           I then use the re-login script to try and login using these credentials

           When this succeeds an Exit Loop If Get (CurrentPrivilegeSetName) is not equal to "Low-level" is used to check the account can authorise the transaction

      End Loop

       

      I then fill in the relevant fields in the transaction record with the user who is now logged in (Authoriser), before I run a second loop which prompts for the original users password so I can switch back to them using another Re-login.

       

      Whilst this works, it feels clumsy, especially having to ask for the password to re-login the second time.

       

      Am I missing an easier way to do this?

        • 1. Re: Need to authorise creation of new record
          Mike_Mitchell

          Hello, Richard.

           

          I'm not entirely sure what your workflow is (independent of the coding involved). Does this capture it?

           

          1) You have user A logged into the database.

          2) User A has limited privileges (no record creation allowed).

          3) User A needs to create a record, so user contacts user B for authorization to create a record.

          4) User B comes along and clicks a button / activates a script.

          5) User B enters credentials to allow record entry.

          6) User A enters new record.

          7) User B indicates that new record entry is to be terminated.

          8) User A logs back in, terminating new record entry.

           

          Is that about right?

          • 2. Re: Need to authorise creation of new record
            richard@itech

            Hi Mike

             

            In a nutshell yes, it is in a medical environment.

             

            1. A nurse/technician is logged in and will navigate through the solution to the point where a clinical member of staff will need to check the details and authorise it. (The Confirm button is hidden by a 'Requires Authorisation' button at this point)

            2. Nurse hands iPad to Clinician who punches in their username and password.

            3. A dialog box pops up and requests the nurse password again to re-login, and the Confirm button is now visible to go back to main screen.

             

            Since posting I have switched from using a Dialog box to gather the Clinicians username and password to a popover window which suits the iPad better.

             

            Having thought about this some more, I am toying with the idea of having a generic login to the solution and having a 'Login' layout as the landing page. That way I can collect the username and password and run the re-login script step and store the username and password in a Global variable. Not sure on the security of this approach though.

            • 3. Re: Need to authorise creation of new record
              Mike Duncan

              Would this be a typical scenario? Say, for example, a nurse asks a doctor to approve something, hands them an iPad with FM Go on it and they (the nurse) are logged in with their user account. The doctor needs to log in with their credentials to approve, but then be able to hand the device back without leaving it logged in under their account?

               

              If so, you may be able to use a second file with a view to the same record that opens, then:

              • performs a re-login script step to capture the new authentication in the second file,

              • do what you need to do (digital signature?)

              • re-login in the second file to a lower set of credentials (to log the doctor out) and close that window

              • return to first window/file where the nurse is still logged in.

               

              Would that work?

              Mike

              • 4. Re: Need to authorise creation of new record
                Mike_Mitchell

                I'm glad you mentioned security.   

                 

                Mike D's scenario is just one where this kind of workflow opens up all kinds of security problems. My suggestion would be to abandon the whole relogin process altogether, because there are too many ways it can be bypassed. (Just hit "cancel" on the relogin screen, and guess what? The nurse is still logged in with the clinician's privileges.)

                 

                Mike D's workflow should work fine. You could even just log into the second file using the clinician's credentials. The clinician can just create the record at that point via the external file (perhaps using a script that runs with full privileges), then log out. No relogin of the nurse at all, and no saving of credentials (which gives me the heebie jeebies).

                 

                HTH

                 

                Mike

                • 5. Re: Need to authorise creation of new record
                  richard@itech

                  Thanks to you both for the suggestions.

                   

                  I had managed to avoid the nurse being left logged in as the clinician by using a loop and a custom dialog box to take the credentials, but again it meant I was caching credentials, even if it was only for a few script steps.

                   

                  My other concern with using either custom dialog box or the dedicated login box was that it felt out of place in the middle of the Filemaker Go app, and I have no way of controlling which keyboard shows up (I wanted to use passwords for this of 6 digit PIN numbers for ease of entry).

                   

                  I agree that using a second file with access to the record and a layout showing the record with a confirm or not choice looks like the neatest and most secure option, so I will look at this further.

                   

                  Thanks again.