Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.
#1244 - Normal users with full access to users module can't list users
We have a role "admin" for Normal users (assigned directly) with full access to users module (admin + dev set in the access type column). It is set also with all the other columns in full access.
The users in that role can edit other users, like the admin, accessing to ther edit view (i.e. URL//index.php?module=Users&action=EditView&record=1) but can't see any user in list view.
We already did the "repair an rebuild" and the "repair roles" actions.
Our Suitecrm version is 7.8.20
-
"The add-on itself was already a must for my SuiteCRM, which was missing this very important security feature. However, what surprised me the most was ..." - Davint
Read More Reviews
Larry Rudd
5 years ago
Hello,
A couple of questions to help me debug this. Can you list any other add-ons that you have installed? Are you using the "login as" feature for that user having troubles on the list view or did that user log in normally?
Thanks! -Jason
5 years ago
Te user log in normally. And We have just a language pack installed, a theme that actually we don't use and other plugin made by ourselves. We have tried to uninstall those add-ons and the problem still persists.
5 years ago
Thanks! This helps. I will take a look today and follow up here.
5 years ago
A possibility here is that under Admin->SecuritySuite Settings the "Additive Rights" option is unchecked. If the user is assigned to multiple roles, having this unchecked will restricted the user to the lowest rights across all roles assigned either directly to the user or through any groups that the user is assigned to.
With that said, I'm unable to replicate this behavior on the list view on a clean 7.8.20 install with SuiteCRM_7.8.20_SecuritySuite_v3.1.11.zip installed. Is this the version you have installed as well?
This is what the role looks like:
And this is assigned directly to a user. When logged in as that user the full list view of users shows:
Could it be the Additive Rights option? If not, I wonder if there are any customizations that may be conflicting here.
5 years ago
We post you the full procedure:
Its weird because we can create new users, but then we cant see them into our listview.
We don't see any php errors in the logs by the way.
5 years ago
Could Eric have a search filter in use on the Users list view? Try clicking on the filter icon and seeing if you can clear all of the filters.
5 years ago
No filter set. If we set "Not set" instead of "Enabled" in the user module, we see "Currently has no saved records CREATE or import one now". even if we create some users in from the Eric account. Should we reinstall security suite?
5 years ago
It is possible that some files didn't copy over during install. This typically happens due to file permission issues that prevent copying. I suggest at least temporarily setting permissions to 755 and then rolling it back to what you had after install.
To reinstall we will have to trick the Module Installer. Unzip the install package, edit manifest.php, change the version number to something like 3.1.11a, save, and rezip the package so that manifest.php is in the root directory. This should now be able to be uploaded and installed.
Let me know if you have any questions. If this doesn't work I may need temporary access to both the server and an admin account for SuiteCRM.
5 years ago
I found out the problem. It was the "Filter User List" directive checked in the configuration of the security suite. If checked, even if the user has all the permissions in his role, he cannot list users. If it is not selected, the users list is visible. I must say that the user does not have any group assigned, but if I assign him a group, I can see the users of his group (which is him only at this moment). Anyways he is still able to access to every user from editview.
Is this a normal behavior? Can you reproduce that?
Thank you.
5 years ago
You found the problem. I'd expect that setting to not matter in this scenario. I'll work on a fix and make that available to you as soon as it is ready.
5 years ago
A new 3.1.12 version that fixes this issue has been uploaded to your purchases at https://store.suitecrm.com/orders. Install on top of the existing install. Do not uninstall first. For good measure run the following after install:
Let me know how that package works for you.
5 years ago
Hello, the new release seems to be working well. We will notify you if we find any problem. Thank you very much.
5 years ago
That's great to hear! I'll close this out for now. Feel free to follow up here as needed or by creating a new case. I appreciate your reporting and help on this issue.
5 years ago
Hello, how are you doing? We still need a solution fot this.
5 years ago
Hello.
I read through our conversation thread here and it was confirmed resolved a couple of months ago with the 3.1.12. If things have reverted then a setting changed that caused it to no longer work. Reading through previous comments, it may be the Filter User setting or some sort of additive rights scenario.
Hope this gives you some ideas to try.