AnsweredAssumed Answered

How to limit record access with find and global variables?

Question asked by user26705 on Oct 31, 2016
Latest reply on Oct 31, 2016 by BillisSaved

I am attempting to deploy a multi-user solution that heavily relies on FM WebDirect and Go.  The long and short of it is that there are multiple companies using the solution and each company has multiple users.  Each company has a unique CompanyID and it is used to enforce referential integrity across all tables in the solution.  The goal is to limit users to records in each table that are for their specific CompanyID.

 

In researching this I have found that this is supported, but that you end up with <No Access> in the layout for those records the user isn't authorized to view.  Obviously this is a really bad user experience and from what I have seen you have to implement a "Find" to eliminate the <No Access> records.  I am not sure how this prevents the user from doing a "show all" then seeing the <No Access> or if this will limit their Find abilities using FM's native Find capabilities.

 

Issue #1

 

My first issue is how do I stop the show all behavior and still allow the user to use the power of Find in FM?  More importantly, there are several pre-defined "Finds" we do and then we want to do a "Show All" but obviously not if it is going to show the <No Access> labels. 

 

Issue #2

 

In regards to Global Variables, does anyone have suggestions in using them in this scenario?  Do I use them in all my tables for CompanyID?  If so, doesn't that change the CompanyID to a single value?  Do I just use them in a single table to manage session context?  If so, again, what if I have 50 users from five different companies - won't the session table have a single value for all the users?

 

Sorry for the long message - but this has been a pain - seems like FM should have a much more granular security model and not require code arounds.  In this day and age, this is a major requirement for security.

 

Any advice is highly appreciated - if there are better ways to accomplish this - please let me know.  I am under a really tight deadline so if you have sample articles/solutions - please let me know.

 

Happy Halloween Everyone - FM...security = spooky! ;0)

 

p.s - I am using FP Pro Advanced.

Outcomes