Fileman Access Codes

We've been working on a new Privacy and Security Manual for Fileman 22.2, something Fileman's never had before. Some parts of Fileman's security system are not as easy to explain as we would like, which underscores the importance of this new manual.

Fileman has a unified model for security, in which files, fields, and templates can have their access set in up to six different ways - read, write, LAYGO, delete, audit, and data dictionary - but those settings are made in two different ways, and those two ways are split across two packages (Fileman and Kernel), making this system unnecessarily complex. In future versions we'll be closely examining how to simplify this model while increasing its flexibility.

In the meantime, we also have noticed that the VA documentation is oriented mainly toward VA, which would seem to be almost a tautology except that one rarely thinks through the implication of tautologies. In this case, one of the ramifications is that VA, which shifted from the Fileman Access Code security system to the File Access by User security system back around 1989, doesn't spend much time explaining how the Fileman Access Code system works. This is not much of a problem for VA, but it's a big problem for almost everyone else, since most other VISTA adopters - including Indian Health Service - are still using the inadequately documented Fileman Access Code system.

As we work our way through the details of how it works, finding bugs along the way (some to be fixed in 22.2, others in 22.3), and figuring out how to explain it, we can't help but notice a big missing piece - a list of the Fileman Access Codes originally allocated to VISTA packages in the 1980s, and a list of the Fileman Access Codes assigned by the IHS DBA to various IHS packages. Although this has always been excluded from Fileman's documentation based on the technicality that it is more about the relationship between Fileman and other packages than about Fileman itself, the absence of a simple, easy-to-find table is in hindsight quite the oversight.

So I spent part of yesterday scouring the File file and Data Dictionary - in both FOIA VISTA and FOIA RPMS - and old manuals looking for evidence of the original allocations. I'm about halfway to reconstructing the original assignments.

If anyone in this community has a document or other source of information about the original Fileman Access Code assignments, or any other kind of lead that might help, please let us know.

I'll be pursuing multiple leads in the hope of finding some documentation in time to get this into Fileman 22.2's security manual.