Greetings, I have a database that is used to approve requests submitted via the web. Initially, this was just a level 1, 2 and 3 approval, with only users in the lvl1_approvers group able to edit the field lvl1_approval and so on. Now I need to add more than one person in each level. It will be 7 in level 1, 3 in level 2 and still 1 in level 3. I do not want any level one approver to be able to approve any level 1 request. Therefore, i must figure out how to limit access to records, or to fields conditionally, based on user ID. I am using external server authentication so I have unique user ids already. Just need to be able to say "if user is member of lvl1_approvers AND user ID is = to 'x', allow access to record or field, else deny."

I am using this throughy xslt, so any solution found would need to contine through to this format. Thank you in advance.

Extract the Privilege Set name attached to the Account through which the user access the file. Use that as the test for viewing the record.

Steven

Not sure what you mean. I have a priv set called "lvl1_approval" which is applied to the external group "lvl1_approval". The priv set "lvl1_approval" has access to the field "lvl1_approval". So that anyone in that group can change that field but not the field "lvl2_approval". I want to make sure that only the specific person WITHIN the lvl1_approval group that the request is targeted for is able to access that field for that specific record only and no others in the lvl1_approval group are able to access that field for that specific record.

You need a field that is populated when a record is created that has the name of the Group. The access test for the record then becomes when that field matches the Privilege Set Name. Look in the section of Define Accoutns & Privileges where the field access rules are set.

Steven