OK, so I'm going to try to explain this as best I can in the hope that it's clear (a) what's currently happening and (b) what I have been asked to do to update the logic.
The application I support has three levels of access:
- Office Admin
- Sys Admin
The restrictions to the data are as follows:
- Sys Admin: can see/access everything;
- Office Admin: can see all data for records who have the same location set as the user, ie London Office Admin can view all records with London as Office location;
- User: can see all data for records where they are a team member ie each record has a list of users (team) assigned to it, so if the user is in a team, then they can view the record.
Whilst there are privilege sets and extended privileges for the three user groups, the list of records shown to the user on the initial screen is handled by a script:
So, this all works as expected, and the users only see the data applicable to their access level.
Now comes the change. They want User & Office Admin users to be able to the same list of records as Sys Admin, ie all records, BUT only be able to access the data based on the same logic above, ie users only access records they are a member of and office admin only access records assigned to their office location.
Currently, access to a underlying data for each record is via a button, which runs a GoTo Layout script step to view the underlying data for the selected record in the appropriate layout:
So what I need to do is hide the button for records the user should not have access to, but based on the above, am in the dark as to how to convert the Find logic to allow me to hide or display a button control.
Is this enough detail? If not, please ask for more info and I will provide what I can. And if I don't respond straight away, it's because I'm out of the office after today until 1st March, so please don't think I'm ignoring your help/questions.