SeedCode Support Forum

Hi John

as Seedcode Complete is divided into three files (UI, Data, Media) it seemed reasonable to me utilizing the user management of OS X Server. That way all three files would react to the same usergroups rights on the Server. While I first thought this was a brilliant idea, I feel now like having reached a dead end: I did some testing and playing around and found severeal possible ways of user management which I do not like altogether:

a; Add the server managed usergroup to the rights of the UI File and leave Data and Media as they are (ADMIN without PW and full access)

Pros:
- Server can be restricted to show only data files the user has rights in so only the UI file is listed and can be opened as is intended by you.
- Data and Media files are opened withot user prompt
Cons:
- Data and media files are listed as "recent" and can be opened from the menu without being asked for a password. This is simply unacceptable.

b; Add the server managed usergroup to the rights of the UI, Data and Media files.

Pros:
- One single login in the UI will open all three files
- The logging and "last modified" features will work consistently with all three files.
Cons:
-All three files are listed and the user has to "know" that the UI file has to be opened and not the other ones.
- One can login using either the full name "John Sindelar" or the short form automatically created by OSX Server "johnsindelar" or with any other short name defined eg. "JS" or "John" or "john"
Unfortunately while OSX does not care for capitalisation in these names FM does seem to care so "John" <> "john" <> "JOHN". To take it one step further OSX does not allow defining "John" and "john" twice on the same server so logging in with that short name into FM requires the user to use the exact capitalisation of her short name on the server which is invisible to the user....
- For the "pinning" feature in seedcode complete to work the FM user must equal the short name listed on the staff list. Using eg. the full name as a login will break the pinning feature.
- As the user is free to use any the names listed in his OS X account it cannot be predicted which will be actually used. But the actually used name will be logged so the log will over time contain all variants of a users name as described above.

c; Not use OSX user management but have all usernames with passwords for all users within all three files.

Pros:
- Logging and Pinning should work.
Cons:
- Administrator goes crazy over time
- All three files are listed and the user has to "know" that the UI file has to be opened and not the other ones.

What am I looking for:
- Real usernames instead of everybody logging in as Admin with full rights
- Pinning is so nice that it should work.
- Opening the Data or Media Files is no harm as long as there aren't full rights.
- Inconsistent logging names aren't nice but won't break anything.

So what is the "Filemakery" AND elegant way of solving this????????

Puzzled
Franz

PS. Sorry for the long post but I had to describe a relatively complex situation in a foreign language.

fwk wrote:So what is the "Filemakery" AND elegant way of solving this????????

I might think too complicated and for sure absolutely "unfilemakery" but:

Wouldn't it be easier and more consequent using ONLY the "Staff" list inside Seedcode Complete as a basis for all pinning, logging, calendaring?

In the startup script the appropriate Staff record would be set according to an association list kept in the DB. If an unknown user is logging in the first time she is asked which "Staff" she is and this association is stored in that internal list for all subsequent logins.

Pros:
- All logging is and stays consistent
- OSX user Management fully functional
- No need to keep OS Usernames in sync with FM UserID
- No need to keep Staff List in sync with FM UserID
- All user information centralised in a single staff list

Cons:
- Programming needed in Seedcode complete
- I am way too new to FM to do it on my own.

Just my EUR 0,01

A couple things...

Per your last suggestion, we do grab the staff record for the logged in user on start up: we do it by searching on their Account Name field. You could expand this to have multiple entries in the staff record's account name field if you need to. More on this in the last paragraph here: http://www.seedcode.com/pmwiki/pmwiki.p ... ete2.Staff

You can also hide the data and media files from users by selecting "Don't display in Open Remote file dialog" from File / Sharing.

You can also learn more about the whole issue of external authentication here: http://www.filemaker.com/downloads/pdf/ ... r_auth.pdf

Hope that helps,

John

John Sindelar wrote:You can also hide the data and media files from users by selecting "Don't display in Open Remote file dialog" from File / Sharing.

Thank you for the fast reply. I had to stop the server and open the file directly with FM Pro to apply that setting. Strange but now this is solved. Wonderful!

John Sindelar wrote:Per your last suggestion, we do grab the staff record for the logged in user on start up: we do it by searching on their Account Name field. You could expand this to have multiple entries in the staff record's account name field if you need to. More on this in the last paragraph here: http://www.seedcode.com/pmwiki/pmwiki.p ... ete2.Staff

What I really appreciate is the presence of these structures in seedcode complete to build on. Plus of course your patience explaining that stuff not only to me. Without consulting this forum and in addition receiving your advice it might be a bit too hard especially for me to investigate how things work inside SeedCodeComplete.

Thank you and good night.
Franz

Thanks for the feedback Franz; much appreciated.