Only See My Events

How can I ensure a user only sees their own records?

DayBack respects the access rules you've set up in your original source (Salesforce, Google, etc,). So if a user is unable to see or edit an item in your origin app, they'll be unable to see or edit the item in DayBack.

You may want to go further than your origin app and veil events from some users in DayBack. Here are some strategies for doing that...

Salesforce Specific

But you may have cases where a user is allowed to see all events, but you'd prefer to give them a view focused on just their stuff. 

You might embed pre-filtered DayBack calendars on other Salesforce pages. In this case, you might want to add an instance of DayBack to the home page: one filtered to show only events for the logged-in user. You'll find videos and instructions for how to do this here: Custom Calendar Tabs in Salesforce Lightning

You can also embed a filter in the fields mapped to DayBack so that a calendar only returns a subset of the records in that object: Pre-filtering in DayBack for Salesforce. (This is the most popular tactic we use.)

DayBack's custom app actions allow you to add your own behavior to when the calendar starts up. Customers have used this to limit the calendars presented to the logged-in user or to restrict the resources available to just those in the logged-in user's region. You'll find details and examples here: Custom App Actions.

FileMaker Specific

You can easily restrict the events a user is able to see using FileMaker's built-in Access Privileges to create rules as to which records a logged-in user can see.

If you haven't worked with FileMaker's Access Privileges before, take a moment and read the overview in FileMaker's built-in help, check out Contents > Protecting databases with accounts and privilege sets > Creating and managing privilege sets > Editing record access privileges. 

For more information about limiting which records a user can see, continue to the "Editing record access privileges" page: you're interested in the "Limited" option under number 4.

Tips & Tricks.

The only tricky part here is finding some attribute of the user's login to tie that login to a record in the calendar's events table. The items you have at your disposal are Get ( AccountName ) and Get ( AccountPrivilegeSetName ). The privilege set name is probably going to be used for general things like "administrator" or "sales rep" so you'll probably be using Get ( AccountName ) in your access privilege calculations to compare a logged-in user with the user linked to an appointment. There are two basic approaches here:

1. You can make the user's Account Name match a field already in the database. So you could make sure all your accounts are created with the Account Names being real first and last names of your users. Account names would be things like "Bill Smith". If you did that, an access privilege calc that would let the logged-in user only see their appointments would look like this: 
	Not isempty ( FilterValues ( List ( SampleEvents::UserNameFirstLastCalc ) ; Get ( AccountName ) ) )
Make sure this calc is set to evaluate from the context of the same table occurrence used for your Source No 1 layout. So there are a couple things to note about this calc. The first is that it just returns a 1 or 0; a 1 if the Account Name is one of the names of the users linked to the appointment, a 0 if it is not. That is how all your access privileges calcs should be written: to return a 1 (ie. be true) if the user can see, edit, etc. the record. The second thing to note is that we don't use the = sign. This is because an appointment can have more than one user, so its user will never be equal to any one user. Instead, we use FilterValues to see if the Account Name "is a member" of the users on the appointment. 
2. The second approach is to create your own field in a users table to match the account name; you'd essentially be recording the account name in FileMaker. Do not, of course, record the user's password in FileMaker as that would not be very secure.
Note that if your username is not indexed in the events table this calc can really slow the solution down as FileMaker looks at some related information for each event it is trying to display.
Now, of course, you may want to have some users that can see everyone's appointments: you don't have to mess with the calc above to do this, simply assign these power users to a different privilege set that doesn't limit the appointments they can view at all.

Note that we're still talking about the user's  FileMaker account name, not their DayBack username which is often their email address. You can map DayBack usernames to real FileMaker accounts in the  PHP relay file on your FileMaker Server.

Related Articles