by eggsurplus

Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SugarCRM or SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.

Cancel at any time!
Free Trial

#133 - Documentation help on how security groups work

Closed Feature created by crmadmin 6 years ago

When we add security groups to a user, all meetings disappear. If the user doesn't have any security groups, the meetings show up fine. We have verified that the correct association is in the securitygroups_records table but can't figure out why having a role hides the meetings and not having it shows them.

  1. eggsurplus member avatar

    eggsurplus Provider Affiliate

    6 years ago

    It all depends on both the role(s) assigned directly to the user or to the user's group(s) and on the SecuritySuite Settings page. If the meetings disappear, it may be that the groups being assigned to the user have a role with Group only permissions meaning the user can only see meetings that are also assigned to the same group(s). With no groups he may have All permissions which allow him to see all meetings. It can get tricky if the "Strict Rights" setting is turned on. In this situation, it depends on which group is assigned to the meeting for which role gets applied to the user.

  2. crmadmin member avatar

    crmadmin

    6 years ago

    So, do we assign roles AND Security Groups to users, or just roles and they get security groups from the assigned role?

    • eggsurplus member avatar

      eggsurplus Provider Affiliate

      6 years ago

      You for sure need to assign Security Groups to both users and the records they should have access to. Going forward, records will automatically have groups assigned to them upon creation based on your inheritance rules that you have set up. Roles need to be assigned at least to the user and/or the Security Group(s). It is a matter of personal preference for managing roles. I prefer to assign a general role to each Group and for unique cases assign a custom role to a user when needed.

  3. crmadmin member avatar

    crmadmin

    6 years ago

    So we have roles assigned to the security groups and security groups assigned to the user. Should this be sufficient or do we need to have roles AND security groups assigned to the user?

    • eggsurplus member avatar

      eggsurplus Provider Affiliate

      6 years ago

      That's sufficient for that piece. You can verify that the permissions propagate down to the user correctly by viewing the user record and checking out the Access grid.

      The other key piece is that the groups need to be assigned to the records as well (meetings, leads, contacts, etc). This helps determine which records a user has access to (if they have Group permissions for a certain module and action).

  4. eggsurplus member avatar

    eggsurplus Provider Affiliate

    5 years ago

    Closing this out, but feel free to follow up if additional help is needed.

    Here is a good primer doc for anyone else that comes across this: https://www.sugaroutfitters.com/docs/securitysuite/example-of-a-typical-setup

This case is public. Please leave out any sensitive information such as URLs, passwords, etc.
Saving Comment Saving Comment...
Rating
Rating
  • "The perfect solution for managing security. Very stable and easy to implement. Must-have add-on for every CE implementation!"

    Read More Reviews

Keep up to date on the latest additions

We'll send you an email every month with handpicked add-ons, reviews, tricks and tips. Don't worry, we hate spam as much as you do.