Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.
#1741 - User with no permissions to edit is till able to add records in sub panels
I am trying to set up user accounts for an internal web development project with a bunch of custom modules. I'm working with Version 7.10.
For that, there will be user accounts with different permissions needed.
Therefore I have created a role of which users are not able to edit, delete and import. Users of this role are however indeed able to Access, Export, List and View.
When I log in with a user of this role, everything works like a charm up until the point where I enter a custom module in which sub panels are present. For some reason, the "Create" option of the sub panel is gone but on the other hand I am still able to add an entry onto the sub panel permanently. I also tried to refresh and re-log. The relationship between the two entities is indeed established afterwards.
For my purpose, this should not be possible. Yet, I do want those users to enter the details of the record from the list view. I just don't want the user to add something in the sub panel.
Is there some option I have missed?
Is there some way to handle this dynamically? Maybe to hook into the corresponding event and check the user role prior to establishing the connection between two entities? Or maybe to just disable the button at all when a user is browsing through without the necessary permissions?
Thanks in advance!
Other add-ons of interest
Glances - Integrate All Your Applications
Accomplish More Every Day. Spend your time on getting things done, not on finding information. Glances securely connects all of your apps and provides a simplified view of the data you need right when you need it, in real time.
Secure your SuiteCRM. Protection against brute force attacks. Track users' logins and protect your data.