SecuritySuite - SuiteCRM and CE Teams

Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SugarCRM or SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.

Free 30 day trial

Try it Now

By clicking you consent to share your profile with the developer

#3523 - Support needed to set up some groups

In Progress General Question created by jabbas 6 years ago

Hello,

We're struggling with setting up our permissions in SecuritySuite. Would it be possible to get some assistance?

Thanks, Andrew

eggsurplus Provider Affiliate
6 years ago

Hi Andrew,

There is definitely a learning curve to it. I'm happy to help. What are you trying to accomplish, how have you tried to set it up so far, and what are you running into right now?

reply
jabbas
6 years ago
Hello, thanks for getting back to me. I've attached a diagram to explain our scenario..

So, starting at the top, our set up should look like this..
1. a manager group which has permissions to see everything but cannot edit any system settings.
2. a validators group which can see everything but not edit system settings
3. several specific broker groups. Each of these needs to be able to assign activities / tasks to the validators but should not be able to edit any system settings and should not be able to see other brokers on the system either when you click the arrow button to assign something to a user or you start typing a username in the assignment input box.
What I have tried so far:
1. a broker group which contains the specific broker groups with a role set on it to restrict users (owner only)
2. several broker groups in this with their role set to group only
3. a validator group with no role set
4. a support group around the validators and the brokers groups with permissions set to all
5. changed settings (see image)
This was the closest I got. Brokers couldn't view other users and specific brokers could only see their contacts BUT, they couldn't assign validators to tasks (because they couldn't see them), and when adding users to each specific broker group, they could only see contacts which had been assigned to them.

Any help / direction much appreciated!

Thanks

Andrew
reply
- eggsurplus Provider Affiliate
  6 years ago
  
  Thanks Andrew.
  
  From what you describe I don't see any mention of one group not being able to see another group (leaving aside the user assignment requirement you have). If that is the case then SecuritySuite may not be the answer here for you. SecuritySuite is meant for having multiple groups at the same level, for example Broker Group A and Broker Group B, where both groups cannot see the records from the other.
  
  For the requirement of brokers not being able to assign to other brokers, that is a pretty specific requirement that will require customizing what Sugar returns for that user list. You could even do this without groups by having a field on the User record such as "Type" with values of Validator or Broker. Then if the current user is a Broker filter out all Brokers.
  
  There are three spots in include/utils.php where you would need to add your custom logic. In the get_user_array, getUserArrayFromFullName, and get_bean_select_array functions. This would require someone with development experience to alter correctly. Unfortunately it isn't something that I would be able to do with you, but hopefully this gives you a good head start.
  
  reply

This case is public. Please leave out any sensitive information such as URLs, passwords, etc.

Saving Comment...

SecuritySuite - SuiteCRM and CE Teams

#3523 - Support needed to set up some groups

"Incredibly useful. It's one of the first features you need. This needs to be part of the core product." - MTP

Other Add-Ons of interest

Upsert® Connector for Slack

Faye SugarCRM QuickBooks Online Integration

Upsert® Focused Views

ADD-ONS

SOLUTIONS

RESOURCES

ABOUT