Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SugarCRM or SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.
#133 - Documentation help on how security groups work
When we add security groups to a user, all meetings disappear. If the user doesn't have any security groups, the meetings show up fine. We have verified that the correct association is in the securitygroups_records table but can't figure out why having a role hides the meetings and not having it shows them.
-
"Incredibly useful. It's one of the first features you need. This needs to be part of the core product." - MTP
Read More Reviews
- Most Recent Love from Users
kacsoristvan- damien8105
- anri
- Administrador
- Stefano1
- einkauf2
11 years ago
It all depends on both the role(s) assigned directly to the user or to the user's group(s) and on the SecuritySuite Settings page. If the meetings disappear, it may be that the groups being assigned to the user have a role with Group only permissions meaning the user can only see meetings that are also assigned to the same group(s). With no groups he may have All permissions which allow him to see all meetings. It can get tricky if the "Strict Rights" setting is turned on. In this situation, it depends on which group is assigned to the meeting for which role gets applied to the user.
11 years ago
So, do we assign roles AND Security Groups to users, or just roles and they get security groups from the assigned role?
11 years ago
You for sure need to assign Security Groups to both users and the records they should have access to. Going forward, records will automatically have groups assigned to them upon creation based on your inheritance rules that you have set up. Roles need to be assigned at least to the user and/or the Security Group(s). It is a matter of personal preference for managing roles. I prefer to assign a general role to each Group and for unique cases assign a custom role to a user when needed.
11 years ago
So we have roles assigned to the security groups and security groups assigned to the user. Should this be sufficient or do we need to have roles AND security groups assigned to the user?
11 years ago
That's sufficient for that piece. You can verify that the permissions propagate down to the user correctly by viewing the user record and checking out the Access grid.
The other key piece is that the groups need to be assigned to the records as well (meetings, leads, contacts, etc). This helps determine which records a user has access to (if they have Group permissions for a certain module and action).
10 years ago
Closing this out, but feel free to follow up if additional help is needed.
Here is a good primer doc for anyone else that comes across this: https://www.sugaroutfitters.com/docs/securitysuite/example-of-a-typical-setup