[Vtigercrm-developers] Lazy question on webservices.

Vikas Jain vikas at vtiger.com
Mon Sep 24 23:03:36 PDT 2012


Hi,

There is another check in CRMEntity where only fields with displaytype 2 is
skipped.
Its in the insertIntoEntityTable API and this is where i think your
displaytype 2 field is getting removed.

If you allow fields with displaytype 2 here in this API then you will open
up another hole in the edit views
where a user can create that field using firebug and update the value. To
avoid this i think you will need
an interface where you can filter out displaytype 2 fields from the CRM
edit pages and then save the records.
Let me know if this works.

  the name "displaytype" does not imply the field itself is read only -
> just that it gets "displayed" in different ways.

Your point seems to be valid and these fields should be allowed to be
updated from REST, I'm trying to think of
use cases that might be affected by allowing this displaytype 2 fields to
be updated and their consequences.


On 24 September 2012 13:20, Alan Lord <alanslists at gmail.com> wrote:

> On 24/09/12 08:28, Joe Bordes wrote:
> > Hi,
> >
> > Ok, I finally read the conversation thoroughly, which I should have done
> > the first time before jumping to conclusions and answering incorrectly.
> > I apologize for that.
>
> No problem - your comments were totally valid :-)
>
> > If I understand correctly the whole problem stems from the fact that you
> > are playing with the readonly field in vtiger_field. This field is
> > obsolete and has nothing to do with it anymore.
>
> Well, not quite no. I was simply trying to write to a bunch of vtlib
> modules' fields which I want to set to displaytype = 2 so users can't
> mess with them but can read them.
>
> That the readonly value is obsolete is helpful. I knew it didn't work,
> but that is not the same thing. I will ignore that from now on.
>
> > In 5.3, readonly permissions were introduced and work, but at the
> > profile level. So each field gets its readonly status based on the users
> > profile.
> > If you go into settings > profiles and mark a field as readonly there,
> > you will see that it acts as a displaytype=2 for the users in that
> profile.
>
> Yes, I was aware of that. I was hoping to be able to avoid this. They
> will probably need quite a few profiles and we have quite a few custom
> modules with lots of fields which are only for display/analysis and
> remain synced with an external system.
>
> > I have never tried accessing or manipulating a field configured like
> > this from REST and different users with different profiles, but I'd say
> > it should work correctly. Please give it a try and let us know if that
> > works, and also, if I am a little bit more "in line" this time :-)
>
> You are right. If the webservices connection is by an administrator then
> it doesn't matter what profile they have. But this also means we need to
> explain to to the users that they need to create a separate admin
> account (which isn't such a bad thing) and use it *just* for admin tasks...
>
> Thanks for the input again. I think we'll have a quick dig around in the
> webservices code a bit more and see if we can override displaytype=2
> just for REST but if not I was going to use the profile route anyway.
>
> I still stick by my earlier point though; the name "displaytype" does
> not imply the field itself is read only - just that it gets "displayed"
> in different ways. Shame it doesn't mean that in reality.
>
> Al
>
>
> _______________________________________________
> http://www.vtiger.com/
>



-- 
Regards
Vikas
Vtiger Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20120925/1cb1b8aa/attachment.html 


More information about the vtigercrm-developers mailing list