by eggsurplus

Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SugarCRM or SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.

Free Trial

By clicking you consent to share your profile with the developer

#738 - Restrict create new note or attatchment in history panel with SecuritySuite

Closed Feature created by mreintranet 10 years ago

Is there a way to restrict the create or hide the buton for new wih SecuritySuite in the history subpanel for cases or other modules? Please advice.

  1. eggsurplus member avatar

    eggsurplus Provider Affiliate

    10 years ago

    Funny timing. SugarCRM obviously does not have a way to differentiate between create and edit. However, this has been on my mind heavily today. I'm seriously considering implementing this feature this next week. I'll report back here within a few days with more info.

  2. eggsurplus member avatar

    eggsurplus Provider Affiliate

    10 years ago

    Giving this a shot right now to see if it's possible. May also release for Sugar 7 if it works out.

  3. eggsurplus member avatar

    eggsurplus Provider Affiliate

    10 years ago

    Got it working. Doing some more testing then releasing a new version of SecuritySuite this week which separates Create and Edit rights.

  4. eggsurplus member avatar

    eggsurplus Provider Affiliate

    10 years ago

    This now works in the 2.8.0 release for SugarCRM CE 6.5.17: https://www.sugaroutfitters.com/docs/securitysuite/release-notes

  5. mreintranet member avatar

    mreintranet

    10 years ago

    Great, will try it out!

  6. mreintranet member avatar

    mreintranet

    10 years ago

    This is awesome, yet the permission for group is not available. It only displays, all, none but not group. And one other question, on the subpanel securitygroup, the user for the group assigned can also add more groups. If i have a user with 2 groups but different permission for each group, he can add the other group and the permissions set before dont matter. Is this like this or have I configured something wrong?

    • eggsurplus member avatar

      eggsurplus Provider Affiliate

      10 years ago

      There are 0 groups associated to a record when creating it since it hasn't been created yet so group permissions would never apply here. This is why Group isn't an option in the Create column for the role grid.

  7. mreintranet member avatar

    mreintranet

    10 years ago

    Ok. Let me give you an example to figure out how this works. I have GROUP A and GROUP B, USER 1 is assigned to GROUP A. As an ADMIN I create 2 CASES, one assigned to GROUP A and the other to GROUP B. In the ROLES I have established for GROUP A to create ALL and GROUP B NONE, when USER 1 goes to CASE 2 with GROUP B assigned the user cannot create a note or attatchment but can see the subpanel for the security group assigned. The user then adds GROUP A to the security group so the case now has GROUP A and GROUP B assigned and the also now has the permission to add notes. Is this correct, should he be able to add a security group to the case? Is there a way to prevent non admin users to add security groups to records? Please give me your thoughts, thanks for your time i really appreciate it. =)

    • eggsurplus member avatar

      eggsurplus Provider Affiliate

      10 years ago

      Great discussion and the answer/reason behind it is complicated.

      Group B being assigned to Case 2 is irrelevant in the example as User 1 isn't a member to Group B. User 1 will be able to create notes. If User 1 was in Group B instead and had no rights to create notes then User 1 couldn't create notes anywhere in SugarCRM. It wouldn't matter which Case it was for. This is a deficiency in SugarCRM's architecture and there isn't a clean way to solve controlling rights for child records in a way that works for the masses. Meaning that if you want to make "create rights" be dependent on the parent record it would need to be a custom coded solution and it wouldn't be pretty.

This case is public. Please leave out any sensitive information such as URLs, passwords, etc.
Saving Comment Saving Comment...
Rating
Rating
  • "The features are exactly what is needed to turn a SugarCRM CE into a Teams based CRM."

    Read More Reviews