Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SugarCRM or SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.
#738 - Restrict create new note or attatchment in history panel with SecuritySuite
Is there a way to restrict the create or hide the buton for new wih SecuritySuite in the history subpanel for cases or other modules? Please advice.
-
"Quite powerful, flexible and easy to use plugin. Works perfectly in SuiteCRM as well as in SugarCRM." - damien8105
Read More Reviews
- Most Recent Love from Users
kacsoristvan- damien8105
- anri
- Administrador
- Stefano1
- einkauf2
10 years ago
Funny timing. SugarCRM obviously does not have a way to differentiate between create and edit. However, this has been on my mind heavily today. I'm seriously considering implementing this feature this next week. I'll report back here within a few days with more info.
10 years ago
Giving this a shot right now to see if it's possible. May also release for Sugar 7 if it works out.
10 years ago
Got it working. Doing some more testing then releasing a new version of SecuritySuite this week which separates Create and Edit rights.
10 years ago
This now works in the 2.8.0 release for SugarCRM CE 6.5.17: https://www.sugaroutfitters.com/docs/securitysuite/release-notes
10 years ago
Great, will try it out!
10 years ago
This is awesome, yet the permission for group is not available. It only displays, all, none but not group. And one other question, on the subpanel securitygroup, the user for the group assigned can also add more groups. If i have a user with 2 groups but different permission for each group, he can add the other group and the permissions set before dont matter. Is this like this or have I configured something wrong?
10 years ago
There are 0 groups associated to a record when creating it since it hasn't been created yet so group permissions would never apply here. This is why Group isn't an option in the Create column for the role grid.
10 years ago
Ok. Let me give you an example to figure out how this works. I have GROUP A and GROUP B, USER 1 is assigned to GROUP A. As an ADMIN I create 2 CASES, one assigned to GROUP A and the other to GROUP B. In the ROLES I have established for GROUP A to create ALL and GROUP B NONE, when USER 1 goes to CASE 2 with GROUP B assigned the user cannot create a note or attatchment but can see the subpanel for the security group assigned. The user then adds GROUP A to the security group so the case now has GROUP A and GROUP B assigned and the also now has the permission to add notes. Is this correct, should he be able to add a security group to the case? Is there a way to prevent non admin users to add security groups to records? Please give me your thoughts, thanks for your time i really appreciate it. =)
10 years ago
Great discussion and the answer/reason behind it is complicated.
Group B being assigned to Case 2 is irrelevant in the example as User 1 isn't a member to Group B. User 1 will be able to create notes. If User 1 was in Group B instead and had no rights to create notes then User 1 couldn't create notes anywhere in SugarCRM. It wouldn't matter which Case it was for. This is a deficiency in SugarCRM's architecture and there isn't a clean way to solve controlling rights for child records in a way that works for the masses. Meaning that if you want to make "create rights" be dependent on the parent record it would need to be a custom coded solution and it wouldn't be pretty.