[Vtigercrm-developers] Interested? Multiple Portals with different permissions

S T Prasad stprasad at stprasad.com
Thu Jul 4 08:54:39 GMT 2019 

Guess you could initiate a git and we could move the action there.
Plenty of ways to skin the cat, but we have to start somewhere.

With best regards,

S.T.Prasad (Skype: stprasad at stprasad.com)
Founder and Chief Shikari
http://www.vtigress.com
The Purr-fect mate for vTiger
Certified Solution Partner for Asia and Africa


On Thu, Jul 4, 2019 at 2:20 PM nilay khatri <nilay.spartan at gmail.com> wrote:

> Any more thoughts?
>
> On Tue, Jun 25, 2019 at 1:51 PM nilay khatri <nilay.spartan at gmail.com>
> wrote:
>
>> Thanks Blazej for the heads up.
>>
>> I am going through the code and will come back with a roadmap.
>>
>>
>> On Mon, Jun 24, 2019 at 11:16 PM Błażej Pabiszczak <
>> b.pabiszczak at yetiforce.com> wrote:
>>
>>> It’s worth checking how the portal was created in our system in order to
>>> be able to follow a similar logic or architecture. The portal consists of a
>>> few elements:
>>>
>>> 1. A panel to manage applications: a place to grant permissions (user,
>>> password, type of access) for different apps, for example Client Portal,
>>> Partner Portal, Vendor Portal, Payments, etc. Any app that tried to get
>>> access from outside
>>>
>>>
>>> https://gitdeveloper.yetiforce.com/index.php?module=WebserviceApps&view=Index&parent=Settings&block=5&fieldid=100
>>>
>>>
>>> 2. A panel to manager users for the application: allows you to set
>>> default language and storage, and permissions for the external app, eg.:
>>> - permissions based on a user
>>> - permissions based on a contact
>>> - permissions based on a contact and an account the contact is assigned
>>> to
>>> - permissions based on a contact and an account the contact is assigned
>>> to and all accounts in hierarchy
>>> Additionally, the system shows in the application only the records
>>> flagged as “available from outside”.
>>>
>>>
>>> https://gitdeveloper.yetiforce.com/index.php?module=WebserviceUsers&view=List&parent=Settings&block=5&fieldid=106
>>>
>>>
>>> 3. Users’ actions (create, edit, preview, access to modules, etc.)
>>> depend on the profile assigned to a user configured in the panel to manage
>>> users for the application.
>>>
>>> 4. The widgets visible in the client’s panel are also loaded directly
>>> from the CRM configuration (what you can see in the panel are the same
>>> widgets that the user can see, but the permissions are “substituted” with
>>> the right ones, according to what I described in the 2nd point). The
>>> panel can be found here:
>>> https://gitdeveloper.yetiforce.com/index.php?module=WidgetsManagement&parent=Settings&view=Configuration&sourceModule=Home the
>>> “add role” option allows you to add an application type role (customer
>>> portal).
>>>
>>> 5. The last element is the customer portal that can be run on many
>>> domains with different configurations. Apart from managing all standard
>>> entity type modules it also has a built-in store (POS) that allows you to
>>> run versions in a stationary store for quick orders and receipt print.
>>> Additionally, online payments were added to the client panel. You can find
>>> the test version here
>>> https://gitdeveloper.yetiforce.com/portal/index.php?module=Products&view=Tree>>> it looks better if you add a picture.
>>>
>>> We’re finishing the portal (took us 2 months) and in 2-3 weeks it’s
>>> going to be released together with v5.2. It would be worth it to take
>>> advantage of ideas and knowledge we used there because it at least
>>> partially covers the ideas you describe here. In the following versions
>>> we’ll add management for internal comments, chat, documents, notifications,
>>> internal inbox, etc.
>>>
>>> One thing worth mentioning is that we removed that portal from Vtiger
>>> (and later also MYC) around 2 – 3 years ago due to security threats it
>>> posed, and from what I see not much has changes in these portals (you can
>>> still overwrite any record from the CRM regardless of permissions).
>>> --
>>> Z poważaniem / Kind regards
>>> Błażej Pabiszczak
>>>
>>>
>>>
>>>
>>> W dniu 2019-06-24 12:47, nilay khatri napisał(a):
>>>
>>> @Alan yes, the difference would be that, the portal users get access to
>>> only data which belongs to them or the Organization. But in case if portal
>>> users are granted access to CRM, then it becomes complicated and some times
>>> unachievable to restrict access only to Contact/Organization.
>>>
>>> I am talking in terms of using portal not just for customer support but
>>> also, as for partners, resellers, employees, distributors, vendors etc..
>>>
>>> @Tony, yes the whole topic here is about the ability to make portal
>>> configurable such that it could be used in various scenarios including
>>> Projects.
>>>
>>>
>>>
>>> On Sat, Jun 22, 2019 at 3:41 PM Tony Sandman <tonysandman999 at gmail.com>
>>> wrote:
>>>
>>>> Was thinking of configuring privileges in the way, so customer can
>>>> interact with Project and see projects tasks.
>>>> I don't see the way at the moment - unless two users will be assigned
>>>> to one record....
>>>>
>>>> On Fri, Jun 21, 2019 at 5:11 PM Alan Lord <alanslists at gmail.com> wrote:
>>>>
>>>>> On 21/06/2019 10:33, nilay khatri wrote:
>>>>> > Okay, get your point.
>>>>> >
>>>>> > One might suggest linking the Roles with Portal. So instead of
>>>>> defining
>>>>> > the permissions in Portal configuration, whatever permissions are
>>>>> > defined in the Role would be applied.
>>>>> >
>>>>> > But, then why do we need a Portal :) ?
>>>>>
>>>>> I kind of agree with this. I've said it to several customers before -
>>>>> why not just create some restricted user profiles and roles and let
>>>>> them
>>>>> login that way, but there is an argument for a very limited interface
>>>>> -
>>>>> like the portal, and also the portal can fairly easily be placed on
>>>>> the
>>>>> public side of a corporate network and just the Portal<->vtiger API
>>>>> comms allowed through the firewall.
>>>>>
>>>>> But it's kind of the point. IMHO the portal should be a "small" or
>>>>> "simple" view of the CRM. It should be configurable to the same extent
>>>>> as the CRM. Placing arbitrary restrictions on what can be done and/or
>>>>> by
>>>>> whom is not something which should be dictated by the system itself.
>>>>> These are dictated by the specific business needs and none of us can
>>>>> realistically expect to predict all of the possible use-cases...
>>>>>
>>>>>
>>>>> HTH
>>>>>
>>>>>
>>>>> Al
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> http://www.vtiger.com/
>>>>
>>>> _______________________________________________
>>>> http://www.vtiger.com/
>>>
>>>
>>> _______________________________________________
>>> http://www.vtiger.com/
>>>
>>> _______________________________________________
> http://www.vtiger.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20190704/72afac92/attachment-0001.html>

More information about the vtigercrm-developers mailing list