I have an awkward security demand to solve.
At first it seems straightforward: A certain group of users should be able to crate (and edit) records in a table only through scripts.
-Easy! You say. Just block the group in the security settings, and grant the scripts "Full access".
-Not enough. I say.
The problem is that the system uses the "separation model". The records will be blocked in the data file and the script will have "Full access" only in the GUI file.
My suggested solution uses a Global field in a calculated security that only allows access to the table if the Global field contains a specific value. That way the script can manipulate the Global field to temporarily turn on, and then off, the access to the table. And since the Global table are in the GUI file I can even make the Global field require "Full access" to be manipulated by the script.
What I'm thinking of right now is: Any and every way anyone can punch a hole in the solution. And how I can "repair" said holes.
With best regards Magnus Fransson.