Hello,

 

I've read a few similar threads in this area, but none were quite the same as what I'm experiencing.  I have a table of employee project records, and I was trying to set up a custom privilege set such that an employee can only view records where the "empID" field matches the global variable $$EmpID.  This is so that, should an employee somehow manage to get the Found Set to include records not belonging to them, they would just see the <No Access> label, instead of the data.  By setting the View privilege for the table to "Limited" and entering the calculation "empID = $$EmpID", this works.  However, what I have discovered is that this somehow prevents all related records from being viewed - even those which cause the calculation to be true.

 

For instance, I have a self-join relationship which returns all the employee's entries for the week, based on the date of the current record.  This works without issue, until I apply the above View restriction.  Then no related records are returned.  Shouldn't it still be able to find records via the relationship, when the "empID" field contains the same value on both sides?

Are you sure the current record is one that the user has permissions to view?

 

 

Unrelated to your question, but this:

 

an employee can only view records where the "empID" field matches the global variable $$EmpID

 

is not a good idea, security-wise. Use a global field and make sure that users cannot modify it (have a script running with full access populate it as needed).

Are you sure the current record is one that the user has permissions to view?

 

Yes, when the file opens, the script does a find and displays the user's records for the current month.  If the View privilege is left at "Yes", related records via the self-join are accessible.  If the View privilege is set to "Limited", where "empID = $$EmpID", then doing something like "Count(Week::date)" returns 0.

 

I will take your advice about using a global field.  Thanks for the tip.