Only See My Events
How Do I Let a User See Only Their Own Records?
Overview.
> > include notes on how some of this is waiting for them: filtered portal in active, setting in the beginning of the "recent" script
You can easily restrict the events a user is able to see. There are two different approaches to doing this, using Filters and using Access Privileges.
Using Filters is the simplest: you can create a new filter for the event's "owner" and then pre-filter the calendar so only events for that owner show up. If this is all you do, however, users will be able to reset the filter to see other events, which may be a good thing.
You can also filter the calendar by intercepting the find request our calendar makes when finding events to display: think of this as a filter the users can't change.
Both of these filter methods use the calendar's interface to restrict what shows up: users could still navigate to the event list and search for events, possibly finding events that belong to other users. If that is not acceptable you'd use FileMaker's built in Access Privileges to restrict what a user can see. This technique uses features built into FileMaker and is not specific to our calendar.
Using Filters
Pre-Filtering.
The simplest way to restrict what shows up in the calendar is to employ our filters, perhaps pre-filtering the calendar when users launch it. You can learn more about pre-filtering the calendar here: Filters.
Hard-Coding a hidden filter.
Another approach is to intercept the find the calendar performs when looking for records. This is what we think of as a hidden filter. To do this edit the script "Write FileMaker Source to Variable" and locate the comment "Nothing Found?". Right before this comment insert your own find request and run it as a "constrain found set", like this:
This will restrict events displayed to those where a field Staff in your events matches the short name of the currently logged in user. You can obviously change this to look for other criteria, or to only restrict events when users from certain privilege sets are logged in.
Using Access Privileges
Overview.
This is very easily done; you’ll use FileMaker’s built in Access Privileges to create rules as who which records a logged in user can see, which they can edit etc. You can restrict which layouts they can see and even which specific fields they have access to.
If you haven’t worked with FileMaker’s Access Privileges before, take a moment and read the overview in FileMaker's built in help, check out Contents > Protecting databases with accounts and privilege sets > Creating and managing privilege sets > Editing record access privileges.
For more information about limiting which records a user can see, continue to the "Editing record access privileges" page: you're interested in the "Limited" option under number 4.
Tips & Tricks.
The only tricky part here is finding some attribute of the user’s log in to tie that login to a record in the calendar’s User table. The items you have at your disposal are Get ( AccountName ) and Get ( PrivilegeSetName ). The privilege set name is probably going to be used for general things like “administrator” or “sales rep” and may be used in FileMaker’s Access Privileges to limit what a user can see or edit. You may, for example, craft access privileges so that sales reps can’t access the admin tabs on the calendar.
So you’ll probably be using Get ( AccountName ) in your access privilege calculations to compare a logged in user with the user linked to an appointment.
Fortunately we're already doing some of this for you:
So an access privilege calc that would let the logged in user only see their appointments would look like this:
Not isempty ( FilterValues ( CalendarEvents::Staff ; Interface::LoggedInShortNameGlob ) )
Make sure this calc is set to evaluate from the context of CalendarEvents. So there are a couple things to note about this calc. The first is that it just returns a 1 or 0; a 1 if the logged in shortname is one of the names of the staff linked to the event, a 0 if it is not. That is how all your access privileges calcs should be written: to return a 1 (ie. be true) if the user can see, edit, etc. the record. The second thing to note is that we don’t use the = sign. This is because an event can have more than one staff member, so its Staff will never be “equal” to any one shortname. Instead we use FilterValues to see if the logged in shortname “is a member” of the staff shortnames on the appointment.
(Do not, of course, create a field for the user’s password in FileMaker as that would not be very secure.)
Now of course you may want to have some users that can see everyone’s appointments: you don’t have to mess with the calc above to do this, simply assign these “power users” to a different privilege set that doesn’t limit the appointments they can view at all.
