Copy from locked fields.

[GregInChrist]

Management is looking for a simple way to allow CSRs to copy information from fields that are not enabled for "field entry" in browse mode. We are not concerned with security from malicious attacks or data being seen, but rater data integrity from modification by unauthorized users.

The fields currently display specifications that should not be editable by most users. Currently that is achieved by unchecking the "browse mode" box under "field entry" in the inspector pallet.

This has worked fine for us other then people can not copy the text to paste in other applications or emails.

The request is to allow this to be done without having to work though permissions. Is this possible?

Either way, what is the recommended best practice?

[Russell Barlow]

Management is looking for a simple way to allow CSRs to copy information from fields that are not enabled for "field entry" in browse mode. We are not concerned with security from malicious attacks or data being seen, but rater data integrity from modification by unauthorized users.

The fields currently display specifications that should not be editable by most users. Currently that is achieved by unchecking the "browse mode" box under "field entry" in the inspector pallet.

This has worked fine for us other then people can not copy the text to paste in other applications or emails.

The request is to allow this to be done without having to work though permissions. Is this possible?

Either way, what is the recommended best practice?

I'm not a huge fan of forcing information to a user's clipboard, but you do have that option.

Script trigger that fires when entering a field you want to protect. Dialog box asking if they wish to edit, copy, or cancel. If they click edit, and their permissions allow it(maybe a value list of authorized users to make edits), it lets them into the field. If they click copy, contents of the field are placed on the users clipboard, if they click cancel the script doesn't allow them into the field.

[jbante]

The request is to allow this to be done without having to work though permissions. Is this possible?

Either way, what is the recommended best practice?

The widely recommended best practice, and in my opinion the best user experience, is to do this through FileMaker's native security. Sorry. Set users up to have permission to view, but not to edit, the fields in question, and set the fields to be enterable in browse mode. Users will be able to select and copy the data to paste for themselves without the need to write a script to copy it to the clipboard for them, but they will not be able to modify the data — on this first layout or on any other layout or from any other application accessing those fields.

If you go the script trigger route suggested by Russell, there's still some security schema involved in the best practice. Rather than have a list of accounts authorized to make edits, you should make an extended privilege and apply it to privilege sets that should be allowed to copy or edit that field, then check for that extended privilege in the triggered script.

Using FileMaker's built in security is more secure, and takes less effort, than any other way to achieve the effect you want.

[GregInChrist]

Thanks, I thought that was the best answer. Thanks for both ideas.