[Vtigercrm-developers] important: no restrictions used in emailed reports
Alan Lord
alanslists at gmail.com
Wed Jun 20 10:56:58 GMT 2018
Err, reports _do_ honour the ACL in the sense that, if for example,
Organisations are set to Private and you, as a restricted user, try to
generate a report for all Organisations, you will only get those
Organisations that you are permitted to view in the output.
If you then have the Export tool disabled for Organisations in your
Profile, then you should not receive the email with the csv, and the
"Export CSV/Excel" buttons will not be visible in the Report view.
Al
On 20/06/18 11:39, Alex Hall wrote:
> Correct. Users can schedule reports that get emailed to them at the
> schedule they set. It is these reports that don't honor the ACL the rest
> of Vtiger does, and that's the problem. Obviously, we've disabled the
> entire scheduled reports option for now, but it's one aspect of Vtiger
> that everyone really likes to use. I'd like to turn it back on, but
> van't until we can get it to use the same restrictions for the target
> user that the user would have across the rest of the site. The other IT
> guy at my work is currently looking into changing the source to use the
> same controls that non-scheduled reports use, but he's not had any luck
> so far.
More information about the vtigercrm-developers
mailing list