Jump to content
Salesforce and other SMB Solutions are coming soon. ×

Recommended Posts

I've currently developed a database using the data separation model whereby I have an interface file, and a database file. The interface file is held locally on each computer using the database, and the database file is held on a server.

 

There are going to be 3 - 5 different organisations all contributing data to the main database, but ordinary users should only have access to the data created by their organisation. Some "super-users" will have access to the combined data from all organisations. I currently have lots of reports which cycle through the database, analysing specific parts of the data and returning found sets. What is the best way to segregate out my data on an organisation by organisation level?

 

Im trying to avoid having separate database files so that I don't have to make the changes to each file every time the database is updated?

 

I thought about setting up access privileges, and storing the organisation name in every record of the database, then limiting the view, edit, delete privileges based on this field. However, upon reading through the various FMforums it looks like this would give me multiple records showing .

 

Im basically trying to achieve:-

 

User 1 from Organisation A logs on - database behaves as if specific to Organisation A

 

Same for User 2 from Organisation B

 

Super User logs on and can run reports on data from Organisation A & B combined

 

Can anyone suggest an elegant solution?

 

BW,

 

Mike

Link to comment
Share on other sites

Make a developer-only table of usernames (using Get(AccountName) in an opening script) and the database that each user has access to. Then used scripted navigation to each layout that performs a find (or sets a global variable that controls a portal) so that the user only sees data specific to his/her organization.

 

Super User logs on and can run reports on data from Organisation A & B combined

Playing "Devil's advocate," what is the benefit or advantage of anyone being able to see the combined data from different organizations?

Link to comment
Share on other sites

Be very, very careful if you take this approach. Make sure the privilege sets don't allow other users to view data the are not supposed to. If it's not part of the actual security schema, there are ways to still view the data even if you didn't intend for them to. As Ronnie Rios puts it, don't rely on "Security By Obscurity". I would keep it in separate data files if at all possible.

Link to comment
Share on other sites

This thread is quite old. Please start a new thread rather than reviving this one.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share



×
×
  • Create New...

Important Information

Terms of Use