Permission Granted

Permission Granted

by Matthew Leering
Security Matrix

Security Matrix

Version History

1.1 – 01/03/2013 – Fixed typo in set variable declaration, added new comments to Readme

1.0 – 11/25/2013 – First Release


This module exists for two main reasons:

  • It’s difficult if not impossible to preemptively check whether a user has permission to perform certain actions in FileMaker Pro.  Typically the developer has to let the user attempt the action and then check for errors.
  • System administrators often want an easy way to reconfigure their users access privileges.


How It Works

This module provides you with tables, scripts, a layout, and a few custom functions that make it easy for you to define a template.  Once defined, you’ll be able to insert security checks throughout your system to determine whether or not your users are supposed to perform certain actions… before they actually try to perform them (this works great for custom formatting among other things).  The layout provided makes it easy for system administrators to define permissions on a security group level (and using the template that you define for them).



  1. Copy and Paste these tables into your solution ( the users table is optional , though if you don’t use it, be sure to adjust the opening script –> “Retrieve My Security Settings” accordingly )
  2. Update the next serial number for vSecurityMatrixTemplate::zc__recordSerial__n.
    (When implementing this table into your solution, it will probably not have any records, so the next serial number should be “1”)
  3. Copy and Paste the custom functions from this file into yours
  4. Recreate the value list in your solution
  5. Copy and Paste ( or import ) the scripts in the Navigation Module in this file into your solution
  6. Copy the main layout –> “Groups” into your solution
  7. Hook up the OnFirstWindow script –> “Retrieve My Security Settings” to your solution’s OnFirstWindowOpen Script
  8. Edit the “Configure Security Matrix Template For All Users” script in the “Configuration and Setup” folder.


Download –>

12 responses to “Permission Granted”

  1. Super says:

    I accidentally deleted all the records in the vSecurityMatrixTemplate tables. Though I run the script Retrieve My Security Settings, nothing get populated in vSecurityMatrixTemplate. Records are created with only the zc__recordSerial__n get populated. The rest of the fields are blank. How do I get to populate this table again? Thank you

  2. Super says:

    Never mind. I managed to figure it out. Thank you

    • Glad you managed to figure this out.
      If I could guess what the resolution was, I could only surmise that it had to do with re-numbering the serial numbers after recreating the deleted records. Any chance you can verify this for the benefit of anyone else who might run into the same problem?


  3. KevinSmith says:

    I’ve just completed integrating this function into my solution. The instructions need to include an additional step:
    • Ensure that you reset the starting serial number for the ID/Key field “vSecurityMatrixTemplate::zc__recordSerial__n”=”1”

    This is necessary as when the fields are copied across from the source file over to the solution the starting serial numbers are copied with the fields. The PermissionGranted function relies on the record IDs to be sequential and start from 1.

  4. KevinSmith says:

    Script Name: “Populate Security Matrix [ { _permissions } ]”
    Script Step: It’s a set variable script step on line 6
    Typo: The variable should be spelt “$Permissions”

  5. KevinSmith says:

    Hi Mathew

    Thanks for responding & updating the code. My task of integrating the core code into a 10 year old system is over. Now I’m in process of weaving in the “RIGPermissionGranted_cf” test into existing scripts, tabs controls etc.

    The custom function “RIGPermissionGranted_cf” is used to test whether a user has rights to perform an action. It returns a Boolean Yes/No. The way the function is written at present enables it to return a false positive in some circumstances. This occurs if you one passes a null parameter for “_zone”. This is unlikely to occur if you alway pass parameters as literals e.g. RIGPermissionGranted_cf (“StaffTable”;”View”). If can easily happens when using variables e.g. RIGPermissionGranted_cf ($Zonee;$Permission). If there’s a typo with variable name then it will pass instead of contents of correctly spelled variable “$Zone”.

    Here’s a suggestion (code snippet) for modifying custom function “RIGPermissionGranted_cf” to prevent a false positive:

    GetAsBoolean ( PatternCount ( $$security_matrix ; _zone & “|” & _action & “|” & 1 ) ) and not IsEmpty (_zone) and Not IsEmpty(_action) )

    Thanks very much, Regards Kevin

  6. […] If you’ve read this far, you already know how to implement this new feature, and you can see a good example of it in a module that I’ve uploaded to called “PermissionGranted”. […]

  7. moriya says:

    Please provide the example files. Thank you

Leave a Reply

Your email address will not be published. Required fields are marked *