by eggsurplus

Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.

Cancel at any time!
Free Trial

#1775 - Security groups from related Records

In Progress Bug? created by FibreCRM Verified Purchase 5 years ago

Hi Jason, we have noticed an issue with a clients system which has a lot of relate fields. if we create a record , save it and then select relate records everything is OK. but if we populate the relate fields prior to creation/save then all of the security groups from the related records are copied to the new record ? is this the correct behaviour ?

Suite 7.8.5 SecSuite 3.1.0

  1. eggsurplus member avatar

    eggsurplus Provider Affiliate

    5 years ago

    Yes, as long as the Inherit from Parent option is checked this behavior would definitely be triggered. It also pulls from relate fields on the module. If this is undesired you can change that via code by editing /modules/SecurityGroups/SecurityGroup.php. Look for the inherit_parent function and uncomment the if statement around the foreach($focus->field_name_map... code block.

    • fibrecrm member avatar

      FibreCRM Verified Purchase

      5 years ago

      Hi ,

      We have tried this and its made no difference , just to confirm it was this line

              /** need to find relate fields...for example for Cases look to see if account_id is set */
              //allow inheritance for all relate field types....iterate through and inherit each related field
             if(empty($parent_type) || empty($parent_id)) {        <<<<<<<<<<<<<<<-------------------------------------------- this line
                  foreach($focus->field_name_map as $name=>$def) {
      
                     if($def[&#039;type&#039;]==&#039;relate&#039; && isset($def[&#039;id_name&#039;])
                          && isset($def[&#039;module&#039;]) && strtolower($def[&#039;module&#039;]) != "users" ) {
      
                          if(isset($_REQUEST[$def[&#039;id_name&#039;]])) {
      

      Any ideas please ?

      Thanks

    • eggsurplus member avatar

      eggsurplus Provider Affiliate

      5 years ago

      My mistake. That should remain commented out in order to catch all relate fields. For those relate fields, is the type set to relate and is the id_name value set in the field vardef? If so, it will trigger that section of code so that the relate field security groups get copied to the new field.

This case is public. Please leave out any sensitive information such as URLs, passwords, etc.
Saving Comment Saving Comment...
Rating
  • "The add-on itself was already a must for my SuiteCRM, which was missing this very important security feature. However, what surprised me the most was ..." - Davint

    Read More Reviews