Every new FileMaker Pro Advanced database contains three predefined privilege sets:
•Full Access: permits accessing and changing everything in the file
•Data Entry Only: permits viewing and entering of data only
•Read-Only Access: permits viewing but not changing data
Note The Read-Only Access privilege set permits write access to all global fields. To create a privilege set in which global fields and all record data are view-only, you can duplicate the Read-Only Access privilege set and change Records from Custom privileges to View only in all tables.
You cannot change or delete these predefined privilege sets, except to enable or disable extended privileges for them. You can either use them as is, or duplicate them and then modify the duplicate copies.
The following table summarizes the properties of these privilege sets.
Privilege | Full Access privilege set | Data Entry Only privilege set | Read-Only Access privilege set |
Records (in all tables) | create, edit, delete | create, edit, delete | view only |
Layouts | all modifiable | view only | view only |
Value lists | all modifiable | view only | view only |
Scripts | all modifiable | all executable only | all executable only |
Extended privileges | all off, except fmreauthenticate10 | all off, except fmreauthenticate10 | all off, except fmreauthenticate10 |
Allow printing | on | on | on |
Allow exporting | on | on | on |
Manage extended privileges | on | off | off |
Override data validation warnings | on | off | off |
Disconnect user from server when idle | off | on | on |
Allow password modification | on | on | on |
Password change number of days | off | off | off |
Minimum password length | off | off | off |
Available menu commands | All | All | All |
Note The Full Access privilege set is the only one that permits access to the Manage Database dialog box in order to modify fields, tables, relationships, and data sources. It is also the only privilege set that permits changing accounts and privileges. Because you cannot enable these privileges in any other privilege set, any user that wants to make database definition changes or privileges changes must open the file with an account that is assigned the Full Access privilege set.
At least one active, FileMaker authenticated account in each file must be assigned the Full Access privilege set. An error message will appear if you edit accounts so that no active account is assigned the Full Access privilege set.