Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SugarCRM or SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.
#4118 - Apply security groups rules in custom php script called by ajax working with beans
Hi, I have de following code
<?php define('sugarEntry', TRUE); chdir('../../../../'); require_once('include/entryPoint.php');
global $current_user; $current_user->retrieve($_REQUEST['current_user_id']);
$socios = BeanFactory::getBean('Contacts');
How to apply user security group rules to this bean?
Regards Adolfo
-
"SecuritySuite was a very good addition to our SugarCRM implementation helping to integrate different functional teams with strictly specified roles."
Read More Reviews
- Most Recent Love from Users
kacsoristvan- damien8105
- anri
- Administrador
- Stefano1
- einkauf2
4 years ago
Hi Adolfo,
I'm not quite understanding what you are asking here. The rules are applied automatically through that contact bean based on the current user.
Are you wanting to add or remove a group to that contact?
4 years ago
I'm calling a custom php script with ajax to populate data in edit view, the php script receive logued in user id however the script can access all beans data regardless the sceurity group the user belongs to.
Hope you can understand the question
4 years ago
Were you able to confirm that current_user loaded correct after doing the retrieve?
Can you also post the logic for accessing the beans? I'm only seeing the getBean for an empty Contact bean (socios). For those that are returning, is the securitygroup assigned to those records in the CRM and does the securitygroup or user have a role assigned to them that limits the contacts module list rights to Group? You should be able to go to the user's record and click on the Access tab to see if Contacts->List is set to Group, Owner, or None. If it is All then permission configuration needs to be addressed.
4 years ago
There is no logic hook, is a standalone php script called from javascript,
js code:
$.getJSON('custom/modules/CLUB_Tarjetas/php/obtener_socio.php?nro_socio=' + $('#nro_socio').val() + '¤t_user_id=' + current_user_id , function(data){
});
php code:
<?php define('sugarEntry', TRUE); chdir('../../../../'); require_once('include/entryPoint.php');
global $current_user; $current_user->retrieve($_REQUEST['current_user_id']);
$socios = BeanFactory::getBean('Contacts');
if(!empty($_REQUEST['nro_socio'])){
$socio = $socios->retrieve_by_string_fields( array( 'nro_socio_c' => $_REQUEST['nro_socio'], ) ); }
4 years ago
Can you confirm if current_user actually has the current user?
If so, I've seen a weird case where you need to use $GLOBALS['current_user'] instead. Might be worth using that.
4 years ago
$GLOBALS['current_user'] makes no difference
$GLOBALS['current_user']->retrieve($_REQUEST['current_user_id']); retreive de user bean but it can access all contacts records, security group wokr well in list view
shouldn't I require some security groups scripts? is enough require_once('include/entryPoint.php');?
4 years ago
Can you check the permissions question I asked as well? Check the Access tab for the user you are testing. Make sure Contacts->List is set to anything other than All. If it is set to Group then check the contact records you do not expect to return to see if that group is associated to the record or if the current user is the assigned to user or the created by user.
No security groups scripts need to be included. The bean takes care of all security as long as the current_user is set and the session is caching the roles correctly.
4 years ago
Were you able to figure something out for this? Closing for now, but feel free to follow up if needed.