[Vtigercrm-developers] Separating Create/Edit into 2 separate Role/Profile permissions
Satish Dvnk
satish.dvnk at vtiger.com
Wed Jul 27 08:21:56 GMT 2016
Hi Sutharsan,
We have identified and fixed few more areas that was missed, also we have
added migration script for the existing profiles. Here are the additional
areas that we identified during our internal testing
for Create
1. List View
2. Quick Create
3. Add record button from related list
4. Summary View
5. My Calendar
6. Shared Calendar
7. Import
8. Mail Manager
9. Google Sync
10. Web services to create
11. Comments to add
for Edit
1. Mass Edit
2. Edit
3. Ajax Edit
4. Edit icon from related list
5. List View Edit
6. Calendar
7. My Calendar
8. Shared Calendar
9. Convert Lead
10. Google Sync
11. Find duplicates
12. Comments to edit
Please review <http://code.vtiger.com/vtiger/vtigercrm/merge_requests/90>
and let me know if you find any more areas.
*regards,Satish.Dvnk*
On Tue, Jun 21, 2016 at 3:56 PM, Sutharsan Jeganathan <ajstharsan at gmail.com>
wrote:
> Hi
>
> Thanks for the reply. I expect few more people review, mainly code.
>
> Did anyone check the code?
>
>
> Thanks
> Sutharsan Jeganathan
>
> On Mon, Jun 20, 2016 at 2:41 PM, Vikas Jain <vikas at vtiger.com> wrote:
>
>> Sutharsan done.
>>
>> On 20 June 2016 at 14:07, Sutharsan Jeganathan <ajstharsan at gmail.com>
>> wrote:
>>
>>> Hi Vikas
>>>
>>> Thanks. That issue we have noted. If possible log the issues at
>>> http://code.vtiger.com/sutharsan/vtigercrm/issues
>>>
>>>
>>> Thanks
>>> Sutharsan Jeganathan
>>>
>>> On Mon, Jun 20, 2016 at 12:46 PM, Vikas Jain <vikas at vtiger.com> wrote:
>>>
>>>> Jeganathan,
>>>>
>>>> Thank you for your contribution, I noted one things w.r.t migration.
>>>>
>>>> - Existing profiles should be migrated to add this new action for
>>>> each of the profiles.
>>>>
>>>>
>>>> On 19 June 2016 at 13:33, Sutharsan Jeganathan <ajstharsan at gmail.com>
>>>> wrote:
>>>>
>>>>> HI All
>>>>>
>>>>> Did anyone has a chance to check this?
>>>>>
>>>>>
>>>>> Thanks
>>>>> Sutharsan Jeganathan
>>>>>
>>>>> On Fri, Jun 10, 2016 at 9:53 PM, Sutharsan Jeganathan <
>>>>> ajstharsan at gmail.com> wrote:
>>>>>
>>>>>> Hi everyone
>>>>>>
>>>>>> The code of *Vtiger ACL changes to separate Create/Edit* is pushed
>>>>>> to http://code.vtiger.com/sutharsan/vtigercrm/tree/acl
>>>>>>
>>>>>> Refer the Branch ACL
>>>>>>
>>>>>> Still we need to fix few minor issue including what mentioned by *Błażej
>>>>>> Pabiszczak *such as
>>>>>>
>>>>>> 1. In quick creation of records you show modules, even though you
>>>>>> can't create records for them.
>>>>>>
>>>>>> 2. In other views, such as calendar, you show a button that
>>>>>> shouldn't be available. The same applies to starting the creation at the
>>>>>> graphical calendar level, where you can see the loader but nothing happens.
>>>>>> You can also see the button in record summary.
>>>>>>
>>>>>> 3. The same error exists in related modules – eg. Account > Quote.
>>>>>>
>>>>>> Once the community is reviewing the code we will try to fix above
>>>>>>
>>>>>> Appreciate whoever reviewing this
>>>>>>
>>>>>>
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>> Sutharsan Jeganathan
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Wed, May 18, 2016 at 2:32 PM, Sutharsan Jeganathan <
>>>>>> ajstharsan at gmail.com> wrote:
>>>>>>
>>>>>>> Hi
>>>>>>>
>>>>>>> Thanks for the review. The points 1 to 3 that we were aware and
>>>>>>> mostly tpl level changes required. We might have to fix after pushing it
>>>>>>> into code (while others reviewing the code we shall get some time)
>>>>>>>
>>>>>>> Point 4 : Not yet updated the portal
>>>>>>>
>>>>>>> Yes, It is our own code, which is working at one of our client (Appx
>>>>>>> 50 user Call center) with a slight complex ACL.
>>>>>>>
>>>>>>> We referred you code and got some Idea. Thank you. Anyway we have
>>>>>>> customized the is_permitted() function rather than other core
>>>>>>> modification. I believe this will enable some level of backward
>>>>>>> compatibility (including exetnsions)
>>>>>>>
>>>>>>> Once pushed to code.vtiger.com I will udpate here
>>>>>>>
>>>>>>>
>>>>>>> Thanks
>>>>>>> Sutharsan Jeganathan
>>>>>>>
>>>>>>> On Wed, May 18, 2016 at 1:24 PM, Błażej Pabiszczak <
>>>>>>> b.pabiszczak at yetiforce.com> wrote:
>>>>>>>
>>>>>>>> It's nice that someone took care of it in Vtiger. Is it your own
>>>>>>>> code, or is the solution copied from us? I'd gladly take a look at the code
>>>>>>>> to see how you dealt with it :] Here are a few comments:
>>>>>>>>
>>>>>>>> 1. In quick creation of records you show modules, even though you
>>>>>>>> can't create records for them.
>>>>>>>>
>>>>>>>> 2. In other views, such as calendar, you show a button that
>>>>>>>> shouldn't be available. The same applies to starting the creation at the
>>>>>>>> graphical calendar level, where you can see the loader but nothing happens.
>>>>>>>> You can also see the button in record summary.
>>>>>>>>
>>>>>>>> 3. The same error exists in related modules – eg. Account > Quote.
>>>>>>>>
>>>>>>>> 4. Are these permissions also considered in the Customer Portal?
>>>>>>>>
>>>>>>>> It would be good to take a look at our entire ACL, because we
>>>>>>>> introduced a number of changes just like this one, and all of them would be
>>>>>>>> useful in Vtiger.
>>>>>>>> ---
>>>>>>>> Z poważaniem / Regards
>>>>>>>>
>>>>>>>> *Błażej Pabiszczak*
>>>>>>>> *Chief Executive Officer*
>>>>>>>> M: +48.884999123
>>>>>>>> E: b.pabiszczak at yetiforce.com
>>>>>>>> ------------------------------
>>>>>>>>
>>>>>>>> YetiForce 3.0 LTS has arrived! Test
>>>>>>>> <https://gitdeveloper.yetiforce.com/> the latest, most innovative
>>>>>>>> open source system in the world, and join
>>>>>>>> <https://github.com/YetiForceCompany/YetiForceCRM> our community.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> W dniu 2016-05-15 10:00, Sutharsan Jeganathan napisał(a):
>>>>>>>>
>>>>>>>> @Prasad
>>>>>>>>
>>>>>>>> Here is the demo on the update on this topic we have done. (We have
>>>>>>>> a separation of Create / Edit at Role and Profile level )
>>>>>>>>
>>>>>>>> URL : http://vtu.radus28.com
>>>>>>>> User/ pass : admin / admin
>>>>>>>> Test Role : Marketing Team lead ( mmteamlead / 123456 )
>>>>>>>>
>>>>>>>>
>>>>>>>> I appreciate your (and others here) review regarding the ACL
>>>>>>>> perspective.
>>>>>>>>
>>>>>>>>
>>>>>>>> Thanks
>>>>>>>> Sutharsan Jeganathan
>>>>>>>>
>>>>>>>> On Fri, Apr 1, 2016 at 10:22 AM, Sutharsan Jeganathan <
>>>>>>>> ajstharsan at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Hi Prasad & Alan
>>>>>>>>>
>>>>>>>>> Good news. We have done the Create/Edit and successfully released
>>>>>>>>> to our client this week. Waiting for a week to see the results.
>>>>>>>>> If the results would be fine, I shall show a demo. At the moment
>>>>>>>>> it has been done only to Roles as Client doesn't need Profiles. But it
>>>>>>>>> won't be a big issue to update Profiles.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>> Sutharsan Jeganathan
>>>>>>>>>
>>>>>>>>> On Fri, Mar 18, 2016 at 10:51 AM, Sutharsan Jeganathan <
>>>>>>>>> ajstharsan at gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Hi
>>>>>>>>>>
>>>>>>>>>> Thanks. I am thinking to restrict Create/Modify access control to
>>>>>>>>>> Report module, because of restricting roles generating reports
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Thanks
>>>>>>>>>> Sutharsan Jeganathan
>>>>>>>>>>
>>>>>>>>>> On Thu, Mar 17, 2016 at 10:15 PM, Prasad <prasad at vtiger.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> Reports is not an entity module - so its conventions are not
>>>>>>>>>>> covered through standard action.
>>>>>>>>>>> Also, Reports is more of filter than record itself - so ACL
>>>>>>>>>>> might not add much value.
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>> Prasad
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> FB <http://www.facebook.com/vtiger> I Twit
>>>>>>>>>>> <http://twitter.com/vtigercrm> I LIn
>>>>>>>>>>> <https://www.linkedin.com/company/1270573?trk=tyah> I Blog
>>>>>>>>>>> <https://blogs.vtiger.com> I Website <https://www.vtiger.com/>
>>>>>>>>>>>
>>>>>>>>>>> On Thu, Mar 17, 2016 at 5:08 PM, Sutharsan Jeganathan <
>>>>>>>>>>> ajstharsan at gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi Prasad
>>>>>>>>>>>>
>>>>>>>>>>>> We found the Reports actions are not under ACL (Roles).
>>>>>>>>>>>> Reports have only activate/inactive options but not Export and Create. The
>>>>>>>>>>>> Calendar view > Add button seems like not validated (loaded through js).
>>>>>>>>>>>>
>>>>>>>>>>>> Is there any chances of upgrading these in near future?
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks
>>>>>>>>>>>> Sutharsan Jeganathan
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On Mon, Mar 14, 2016 at 11:42 AM, Prasad <prasad at vtiger.com>
>>>>>>>>>>>> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Sutharsan,
>>>>>>>>>>>>>
>>>>>>>>>>>>> ACL design docs is not available. We have feature documented:
>>>>>>>>>>>>> https://wiki.vtiger.com/index.php/Sharing_Access
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> FB <http://www.facebook.com/vtiger> I Twit
>>>>>>>>>>>>> <http://twitter.com/vtigercrm> I LIn
>>>>>>>>>>>>> <https://www.linkedin.com/company/1270573?trk=tyah> I Blog
>>>>>>>>>>>>> <https://blogs.vtiger.com> I Website <https://www.vtiger.com/>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Mon, Mar 14, 2016 at 11:30 AM, Sutharsan Jeganathan <
>>>>>>>>>>>>> ajstharsan at gmail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi Prasad
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Do you have any design notes or developer documents regarding
>>>>>>>>>>>>>> ACL. If so could you please share?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks
>>>>>>>>>>>>>> Sutharsan Jeganathan
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Mon, Mar 14, 2016 at 10:11 AM, Prasad <prasad at vtiger.com>
>>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Sutharsan,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> If we use before save event will it work to web services?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Yes it should.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> * Optimization might be required for bulk actions though.
>>>>>>>>>>>>>>> * Workflow might break unexpectedly with this feature that
>>>>>>>>>>>>>>> needs attention.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>> FB <http://www.facebook.com/vtiger> I Twit
>>>>>>>>>>>>>>> <http://twitter.com/vtigercrm> I LIn
>>>>>>>>>>>>>>> <https://www.linkedin.com/company/1270573?trk=tyah> I Blog
>>>>>>>>>>>>>>> <https://blogs.vtiger.com> I Website
>>>>>>>>>>>>>>> <https://www.vtiger.com/>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Mon, Mar 14, 2016 at 9:09 AM, Sutharsan Jeganathan <
>>>>>>>>>>>>>>> ajstharsan at gmail.com> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Hi
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Not sure how much effort is needed, but what we are trying
>>>>>>>>>>>>>>>> the combination of tpl. handler and before save event.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> @Prasad : If we use before save event will it work to web
>>>>>>>>>>>>>>>> services?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Thanks
>>>>>>>>>>>>>>>> Sutharsan Jeganathan
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Mon, Mar 14, 2016 at 3:22 AM, Luca saba <
>>>>>>>>>>>>>>>> lucasaba at gmail.com> wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Wouldn't be possible to add an event inside the acl? The
>>>>>>>>>>>>>>>>> handler could manage a new set of permissions.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> In this way there would be less needed effort inside the
>>>>>>>>>>>>>>>>> core and there would be a lot of new available features to the developers.
>>>>>>>>>>>>>>>>> Il 13/mar/2016 17:31, "Prasad" <prasad at vtiger.com> ha
>>>>>>>>>>>>>>>>> scritto:
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> tpl alone is not sufficient as webservices need to be
>>>>>>>>>>>>>>>>>> also taken care which is used with workflows...
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>> FB <http://www.facebook.com/vtiger> I Twit
>>>>>>>>>>>>>>>>>> <http://twitter.com/vtigercrm> I LIn
>>>>>>>>>>>>>>>>>> <https://www.linkedin.com/company/1270573?trk=tyah> I
>>>>>>>>>>>>>>>>>> Blog <https://blogs.vtiger.com> I Website
>>>>>>>>>>>>>>>>>> <https://www.vtiger.com/>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> On Sun, Mar 13, 2016 at 1:21 PM, Sutharsan Jeganathan <
>>>>>>>>>>>>>>>>>> ajstharsan at gmail.com> wrote:
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> Hi
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> We are thinking about another layer of validation of acl
>>>>>>>>>>>>>>>>>>> without modifying standard acl. But this requires tpl level and before save
>>>>>>>>>>>>>>>>>>> validations.
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> What do you think?
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> Thanks
>>>>>>>>>>>>>>>>>>> Sutharsan jeganathan
>>>>>>>>>>>>>>>>>>> On 11 Mar 2016 15:47, "Alan Lord" <alanslists at gmail.com>
>>>>>>>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> On 11/03/16 05:02, Sutharsan Jeganathan wrote:
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>>> Hi
>>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>>> I am sure this can be done in tpl level and we have
>>>>>>>>>>>>>>>>>>>>> done too. I would
>>>>>>>>>>>>>>>>>>>>> like to separate the privilges "Create" and "Edit" in
>>>>>>>>>>>>>>>>>>>>> profile level,
>>>>>>>>>>>>>>>>>>>>> because the admin have to customize those privileges
>>>>>>>>>>>>>>>>>>>>> heavily.
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> Would love to see this, have requested it before, but I
>>>>>>>>>>>>>>>>>>>> think it will be a lot of work...
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> Al
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>>>
>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://www.vtiger.com/
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://www.vtiger.com/
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> http://www.vtiger.com/
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Regards
>>>> Vikas
>>>> Vtiger Team
>>>>
>>>> _______________________________________________
>>>> http://www.vtiger.com/
>>>>
>>>
>>>
>>> _______________________________________________
>>> http://www.vtiger.com/
>>>
>>
>>
>>
>> --
>> Regards
>> Vikas
>> Vtiger Team
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
> _______________________________________________
> http://www.vtiger.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20160727/32b6da84/attachment-0001.html>
More information about the vtigercrm-developers
mailing list