SecuritySuite - SuiteCRM and CE Teams

• How do I add a group to a record when a field value changes?
• How do I add a group to a newly created user?
• How do I assign groups to existing records based on their parent?

How do I add a group to a record when a field value changes?

Add a before_save logic hook that checks for the field value change. Upon change load the SecurityGroups relationship and add the "id" of the group that you wish to add to the record.

The example below detects when the account type dropdown changes on an account. When it gets changed to "Customer" a "Support Group" gets assigned to the account.

/custom/modules/Accounts/ReassignSecurityGroup.php:

class ReassignSecurityGroup {

    function account_type_change(&$bean, $event, $arguments)
    {   
        //detect if Type dropdown has been changed to Customer
        if($bean->account_type != $bean->fetched_row['account_type'] && $bean->account_type == 'Customer') {
            $bean->load_relationship('SecurityGroups'); //use the link name...can find in cache/modules/{MODULE}/{MODULE}vardefs.php
            $bean->SecurityGroups->add('cd1cf3bb-9eb3-4b24-b488-529b908fed70'); //add Support Group to the record
        }
    }
}

And the /custom/modules/Accounts/logic_hooks.php:

$hook_version = 1; 
$hook_array = Array(); 
$hook_array['before_save'] = Array(); 
$hook_array['before_save'][] = Array(1, 'account_type_change', 'custom/modules/Accounts/ReassignSecurityGroup.php','ReassignSecurityGroup', 'account_type_change'); 

How do I add a group to a newly created user?

The easiest way to do this is to go to SecuritySuite Settings and in the "Default Groups for New Records" section at the bottom choose Users for the module and then which group you want assigned to it.

Sometimes you'll want finer control though. To do that add a before_save hook on the Users module and then add the group that you want based on your logic to the user.

if(empty($bean->id) || $bean->new_with_id == true)
{
    $default_group = BeanFactory::getBean('SecurityGroups');
    $default_group->retrieve_by_string_fields(array('name'=>'Owner_Only_Group','deleted'=>0));
    $default_group->load_relationship('users');
    $default_group->users->add($bean->id);
}

How do I assign groups to existing records based on their parent?

You have just installed SecuritySuite and assigned a security group to an account. How do you get that group also assigned to all of the records related to an account such as contacts, notes, etc?

Going forward this is done automatically for new records based on your SecuritySuite Settings. For initial setup though we recommend using SQL to do this. Always back up your database first before trying this (we are only inserting so minimal risk).

Below is an example script to take all security groups assigned to an account and auto assign it to the contacts associated to the account. You can rework this script as needed for each module. To do so, change the join and change the 'Contacts' module to be the module name as it shows when you view the application's /modules folder on the server.

insert into securitygroups_records(id,securitygroup_id,record_id,module,date_modified,deleted)
select uuid(),sg.id,c.id,'Contacts',now(),0
from securitygroups sg
inner join securitygroups_records sr on sg.id = sr.securitygroup_id and sr.module = 'Accounts' and sr.deleted = 0
inner join accounts a on sr.record_id = a.id and a.deleted = 0
inner join accounts_contacts ac on a.id = ac.account_id and ac.deleted = 0
inner join contacts c on ac.contact_id = c.id and c.deleted = 0
where sg.deleted = 0;