Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SugarCRM or SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.
#2244 - Question on module permissions
Currently working within the Calls module. Would like to set up a permission structure where the owner of Account or Contact has full permissions on all activity within the record...even those created by another user. Example: another user in a different sales territory is covering the floor for the day. A customer calls in and speaks with the user covering the floor. We would like that user to be able to log the call to Account or Contact associated with the Owner without them being able to see all the details of previous calls logged by the Owner of the Account or Contact, and the owner of the Account or Contact to have full edit permission of the logged call by the other user. Can this be done through Security Suite?
-
"No brainer. I have purchased it for two production installations and not regretted it."
Read More Reviews
- Most Recent Love from Users
kacsoristvan- damien8105
- anri
- Administrador
- Stefano1
- einkauf2
8 years ago
Yes, but it can get messy. You would create a security group for each user, add the user to that group, and assign that security group to the main account/contact. This can be auto inherited by the owner with the Inherit by Assigned To option going forward. Then have the Inherit from Parent option turned on so that whenever a call is created for that account/contact all groups associated to the account/contact also get added to the call.
Then create a role that sets calls, etc rights to Group for List, View, Edit, etc and assign it to that group. This will be inherited down to the user so when the user is looking at the calls, etc for an account of theirs they would then have full access to those activities.
8 years ago
I attempted to set up as suggested, but visibility and access seems to still be driven by the creator of the activity. Also, all call descriptions are visible, can't be edited, but are still visible. Security groups are inherited, but edit access is by "assigned to" ownership. Is there a way for the call/activity to be assigned to the owner of the account?
8 years ago
Getting closer then! Next step is to ensure that when new calls are created for the account that the groups are automatically getting assigned to the new call. If they are then it is just a matter of configuring the roles for the user or group to set edit access to Group instead of Owner. This way any user in that role and in the group assigned to the call can edit it.
As far as automatically assigning the call directly to the account owner, that is definitely possible. You could implement that logic in a custom logic hook whenever a new call gets created or use Process Manager to define that exact workflow. If that is sufficient for your needs and you went that route then you may not need SecuritySuite.