My questions pertains to creating a layout for customers to connect to my database via web direct to view inventory that I would like them to see (an 'online showroom'). I am primarily interested in any objections that may be raised with regards to having a client connect to a company's database.
My Situation (simplified)
I have a database with an inventory table. Each record represents one automobile. I view and edit these records in an Inventory layout.
I have a showroom table. These records represent collections of automobiles. These collections can represent exhibitions, but they can also represent groupings of auto's that I want to show to a collector.
Finally I have a join-Showroom-Inventory table. This is to enable a many to many connection between showroom and inventory, as each showroom contains many cars, and each car can belong to multiple showrooms.
Each table has one table occurrence. The primary keys of inventory and showroom fill the foreign keys in join-Showroom-Inventory. Everything works perfectly.
Now I would like to create a privilege set that allows a specified user account to view a showroom in a special client-showroom layout if-and-only-if the user account name = Showroom::Client. For instance, I would like for my client Fred to log in using the account 'Fred' that I have created especially for him. In the showrooms I would like him to view, I enter "Fred" in the Showroom::Client field. Fred is assigned a privilege set that allows him to see NO tables, NO layouts except strictly what is required to render the showroom in the client-showroom layout.
I have had great experiences with web direct so far, and would like to use it in this way. All of the security in my database is based on Filemaker's built in account security (no ersatz/scripted security). Nevertheless, I can't help but wonder if what I am attempting to do is a BIG no-no. After all, a customer will be directly connecting to the company's database.
I hope I have described my situation clearly. The community forums are excellent, and I look forward to any replies I am fortunate enough to receive.