I would like to script some behavior based on the users ability to create, or not create, records in a table. I'm using native FileMaker security and would like the scripted test to use that as well to check, and not have to hard code access logic in the script evaluation.

 

I know that I can attempt the create and see if its successful or not, but it would be nice to check for the access before actually trying to create the record. Yes, I could create and revert, but wondering if I'm overlooking a simpler way to test for an available command/action.

 

-- Actual Use Detail --

The use case is a common popup dialog to search for contacts. If the user performs at least one search and their access is set to allow creation, then search/results dialog will automatically display a "Create Contact" button that allows them into that flow. If they find the Contact they're looking for and select it (or create a new one), the contact ID is returned back to the original calling function.

 

If they do not have access to create, then they can only Search for existing contacts, and the interface will not give them the option to create.

 

If it matters, i'm using the separation model, and the scripted test is in the UI file, while the security is defined in the data file.

As far as I know, there isn't a way to test if a specific privilege item will fail before executing it.  Many times, in addition to the tight Security implemented, I will include settings in a Users table where only privileged staff can access, where they set checkboxes for the User.  

 

Depending upon your setup, the settings can be passed to global variables at startup for the User or triggered to update global calculations where the values can be checked from anywhere (even the UI if the table with the global is added as a table occurrence in its graph).

 

This does not mean that checkboxes in a Users table replaces security but it allows Manager-control over specific settings.  And these CAN be checked by your script before execution.

Thanks LaRetta, That would work, the only catch is the user has to keep the actual security and the configured checkboxes in sync. My hope was that it would be possible to just run it from the actual security configurations. I thought maybe there was some technique I was missing to be able to do this. I also considered extended privileges, but that too seemed to be taking me down a redundant path as well. Not to mention the separation model posed some challenges there too.