FileMaker Discoveries

1 Drawback to the Single File Approach

The single file approach in FileMaker 7 is very advantageous in many ways. Being able to control your security settings in one place is incredibly convenient. However, there seems to be one drawback. It’s harder to segment out high-level security access to a particular part of your solution when it is all in one file.

Sure you can control layout and field access. But what about when you want to give someone the ability to create a new table? You have to somehow give them the ability to use the Define Database area. And that is an all or nothing proposition as far as I can tell. Either someone gets to be able to change fields throughout the file or not at all.

I’m hoping I’m wrong about this and will definitely post a correction if I find out otherwise. Corrections, anyone? I would like for there to be some gradations of access in field definitions. For example, you can let people have more privileges on new layouts. Could you do that for new tables, without giving away the store and allowing people to change existing database fields and relationships?

One solution is to allow the user in question to create the table as a separate file. Then, if desired the database administrator, could perhaps use FMrobot to bring the fields inside the big DB walls. The problem with this is that FMrobot only works on the fields and can’t bring in layouts and scripts. And it is unlikely that there won’t be need for some field definition and relationship changes after the initial try.

In a big, complex one-file database, you may just have to work around this limitation. There is probably a lot to be said for having a two-step process with end-user additions to the database.

You can give a user access to the Define Database area without them having Full Access. You do this by creating a script that uses the Open Define Database script step and make sure the script executes with Full Access. Because you have this option, you can use scripting controls to keep the lid on the database and retain control over management of Accounts and Privileges.

Leave a Reply

Your email address will not be published. Required fields are marked *