[Vtigercrm-developers] Separating Create/Edit into 2 separate Role/Profile permissions

Błażej Pabiszczak b.pabiszczak at yetiforce.com
Wed May 18 07:54:57 GMT 2016


It's nice that someone took care of it in Vtiger. Is it your own code,
or is the solution copied from us? I'd gladly take a look at the code to
see how you dealt with it :] Here are a few comments: 

1. In quick creation of records you show modules, even though you can't
create records for them. 

2. In other views, such as calendar, you show a button that shouldn't be
available. The same applies to starting the creation at the graphical
calendar level, where you can see the loader but nothing happens. You
can also see the button in record summary. 

3. The same error exists in related modules - eg. Account > Quote. 

4. Are these permissions also considered in the Customer Portal? 

It would be good to take a look at our entire ACL, because we introduced
a number of changes just like this one, and all of them would be useful
in Vtiger.

---
Z poważaniem / Regards 

BŁAŻEJ PABISZCZAK 
_Chief Executive Officer_ 
M: +48.884999123
E: b.pabiszczak at yetiforce.com 
-------------------------

YetiForce 3.0 LTS has arrived! Test [6] the latest, most innovative open
source system in the world, and join [7] our community. 

W dniu 2016-05-15 10:00, Sutharsan Jeganathan napisał(a):

> @Prasad
> 
> Here is the demo on the update on this topic we have done. (We have a separation of Create / Edit at Role and Profile level )
> 
> URL : http://vtu.radus28.com User/ pass :  admin / admin Test Role : Marketing Team lead ( mmteamlead / 123456 ) 
> 
> I appreciate your (and others here) review regarding the ACL perspective.  
> 
> Thanks Sutharsan Jeganathan 
> 
> On Fri, Apr 1, 2016 at 10:22 AM, Sutharsan Jeganathan <ajstharsan at gmail.com> wrote:
> 
> Hi Prasad & Alan
> 
> Good news. We have done the Create/Edit and successfully released to our client this week. Waiting for a week to see the results.  If the results would be fine, I shall show a demo. At the moment it has been done only to Roles as Client doesn't need Profiles. But it won't be a big issue to update Profiles.
> 
> Thanks 
> Sutharsan Jeganathan 
> 
> On Fri, Mar 18, 2016 at 10:51 AM, Sutharsan Jeganathan <ajstharsan at gmail.com> wrote:
> 
> Hi
> 
> Thanks. I am thinking to restrict Create/Modify access control to Report module, because of restricting roles generating reports
> 
> Thanks Sutharsan Jeganathan 
> 
> On Thu, Mar 17, 2016 at 10:15 PM, Prasad <prasad at vtiger.com> wrote:
> 
> Reports is not an entity module - so its conventions are not covered through standard action. 
> Also, Reports is more of filter than record itself - so ACL might not add much value. 
> 
> Regards, 
> Prasad 
> 
> -- 
> FB [1] I Twit [2] I LIn [3] I Blog [4] I Website [5] 
> On Thu, Mar 17, 2016 at 5:08 PM, Sutharsan Jeganathan <ajstharsan at gmail.com> wrote:
> 
> Hi Prasad
> 
> We found the Reports actions are not under ACL (Roles).  Reports have only activate/inactive options but not Export and Create.  The Calendar view > Add button seems like not validated (loaded through js).
> 
> Is there any chances of upgrading these in near future? 
> 
> Thanks 
> Sutharsan Jeganathan 
> 
> On Mon, Mar 14, 2016 at 11:42 AM, Prasad <prasad at vtiger.com> wrote: 
> 
> Sutharsan,
> 
> ACL design docs is not available. We have feature documented: 
> https://wiki.vtiger.com/index.php/Sharing_Access 
> 
> -- 
> FB [1] I Twit [2] I LIn [3] I Blog [4] I Website [5] 
> On Mon, Mar 14, 2016 at 11:30 AM, Sutharsan Jeganathan <ajstharsan at gmail.com> wrote:
> 
> Hi Prasad
> 
> Do you have any design notes or developer documents regarding ACL. If so could you please share?
> 
> Thanks Sutharsan Jeganathan 
> 
> On Mon, Mar 14, 2016 at 10:11 AM, Prasad <prasad at vtiger.com> wrote: 
> 
> Sutharsan,
> If we use before save event will it work to web services? 
> 
> Yes it should.  
> 
> * Optimization might be required for bulk actions though.  
> * Workflow might break unexpectedly with this feature that needs attention. 
> 
> -- 
> FB [1] I Twit [2] I LIn [3] I Blog [4] I Website [5] 
> On Mon, Mar 14, 2016 at 9:09 AM, Sutharsan Jeganathan <ajstharsan at gmail.com> wrote:
> 
> Hi
> 
> Not sure how much effort is needed, but what we are trying the combination of  tpl. handler and before save event.
> 
> @Prasad : If we use before save event will it work to web services?
> 
> Thanks Sutharsan Jeganathan 
> 
> On Mon, Mar 14, 2016 at 3:22 AM, Luca saba <lucasaba at gmail.com> wrote: 
> 
> Wouldn't be possible to add an event inside the acl? The handler could manage a new set of permissions. 
> 
> In this way there would be less needed effort inside the core and there would be a lot of new available features to the developers.
> 
> Il 13/mar/2016 17:31, "Prasad" <prasad at vtiger.com> ha scritto:
> 
> tpl alone is not sufficient as webservices need to be also taken care which is used with workflows... 
> 
> -- 
> FB [1] I Twit [2] I LIn [3] I Blog [4] I Website [5] 
> On Sun, Mar 13, 2016 at 1:21 PM, Sutharsan Jeganathan <ajstharsan at gmail.com> wrote:
> 
> Hi 
> 
> We are thinking about another layer of validation of acl without modifying standard acl. But this requires tpl level and before save validations. 
> 
> What do you think? 
> 
> Thanks 
> Sutharsan jeganathan
> 
> On 11 Mar 2016 15:47, "Alan Lord" <alanslists at gmail.com> wrote:
> On 11/03/16 05:02, Sutharsan Jeganathan wrote:
> Hi
> 
> I am sure this can be done in tpl level and we have done too.  I would
> like to separate the privilges "Create" and "Edit" in profile level,
> because the admin have to customize those privileges heavily. 
> Would love to see this, have requested it before, but I think it will be a lot of work...
> 
> Al
> 
> _______________________________________________
> http://www.vtiger.com/

_______________________________________________
http://www.vtiger.com/ 
_______________________________________________
http://www.vtiger.com/ _______________________________________________
http://www.vtiger.com/ 
_______________________________________________
http://www.vtiger.com/ _______________________________________________
http://www.vtiger.com/ 
_______________________________________________
http://www.vtiger.com/ _______________________________________________
http://www.vtiger.com/ 
_______________________________________________
http://www.vtiger.com/ 
_______________________________________________
http://www.vtiger.com/ 
_______________________________________________
http://www.vtiger.com/ 

Links:
------
[1] http://www.facebook.com/vtiger
[2] http://twitter.com/vtigercrm
[3] https://www.linkedin.com/company/1270573?trk=tyah
[4] https://blogs.vtiger.com
[5] https://www.vtiger.com/
[6] https://gitdeveloper.yetiforce.com/
[7] https://github.com/YetiForceCompany/YetiForceCRM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20160518/18c4fc7f/attachment.html>


More information about the vtigercrm-developers mailing list