SecuritySuite - Enhanced SuiteCRM Teams

by eggsurplus

Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.

Free 30 day trial
Try it Now

#2741 - How hide Select button in subpanels?

Open Feature created by Ward Verified Purchase 4 years ago

Today it seems impossible (without adding custom code to every module) for us to hide the 'Select' button from certain subpanels for certain Roles. This permission loophole allows the user to add Contacts or Accounts etc. to records via subpanels even though they do not have Create permission for that module.

Offering the ability to use Teams Edition to selectively hide subpanels via Custom Group Layouts (see https://store.suitecrm.com/support/securitysuite/2712) would cover most use cases, but to cover all use cases, controlling the 'Select' button in Role management would close remaining permission issues - can you add 'Select' to the Role tool, just like you added 'Create'?

  1. netops member avatar

    netops Verified Purchase

    4 years ago

    Also the role changing of edit permissions to NONE has no effect either. it renders the module and is easily bypassed by anyone since it allows select and it allows them to make a record a member of any sec group they want! Only way is to disable access altogether but then you have no idea what sec group the record is in.. ??..!! ??

    • eggsurplus member avatar

      eggsurplus Provider Affiliate

      4 years ago

      Have you tried setting the Security Groups List/Detail rights to Group? That should set the select to only show the groups that they are in so that they can only select their own groups.

  2. netops member avatar

    netops Verified Purchase

    4 years ago

    I tried your suggestion however even after setting them all to NONE, it still allows the user to select ANY security group. (Lists and shows all sec groups)

    • netops member avatar

      netops Verified Purchase

      4 years ago

      I stand corrected, I looked again at the user and he had another group that allowed it assigned. I missed that. After removing the offending group it did as you stated! Brilliant!

    • eggsurplus member avatar

      eggsurplus Provider Affiliate

      4 years ago

      Those sneaky additional groups! Glad that you were able to get it working as you need it.

This case is public. Please leave out any sensitive information such as URLs, passwords, etc.
Saving Comment Saving Comment...
  • Supported Versions
  • 7.6.2 to 7.14.4
Read Our Review
Rating

  • "The add-on itself was already a must for my SuiteCRM, which was missing this very important security feature. However, what surprised me the most was ..." - Davint

    Read More Reviews

Other add-ons of interest

Glances - Integrate SuiteCRM with all your apps

The simplest way to work™. Glances integrates SuiteCRM with all your favorite workplace apps, acting as your go-to hub for real-time customer insights and personal tasks.

Featured

Prevent Concurrent Login

Add an additional layer of security by allowing only one person to log in as a user at a time. Prevent multiple users from using the same credentials at the same time. The user previously logged in will be logged out automatically and be prompted with a message.

Rating

Users Activity Logger

Log SuiteCRM Users activities like User Login, Logout, Record Create, Update, Delete on any module with IP address of the User

Rating
Administration teams securitysuite security groups