I promised a feature that, upon reflection, I am not sure of the best way to implement. VFP to SQL Server back end. VFP contains numerous forms for different purpose, each form then contains numerous fields for editing. In addition, we have reporting to consider. The question is how best to implement as follows:

User/group security can allow r/w, read, or no access to each form. Within each form the user/group can have r/w, read, or no access to each "group" of conceptually linked fields, and then further for each field. Rights go down, IOW if I have read rights for a form I can have read or no access to groups, if I have read access to a group, I can have read or none to fields within.

Most of the business logic for the system is in the VFP classes that control the data access, as opposed to in the sql server database.