by eggsurplus

Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SugarCRM or SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.

Free 30 day trial
Try it Now

#413 - How to create Unique layouts for a group but not use the group visiblity to filter the records.

Closed General Question created by 5 years ago

I think I am missing something. In the Commercial version of Sugar you can set fields to Hide or Readonly based on Role. Based on a previous question about your product, I now know how to do that (thanks for your reply), but when I create a Group, set the User to the Group and define the layout (eg EditView) for the Group, it also filters records for the User so when the User logs in, they see the new layout - great, but they don't see records they once had visibility to. What am I doing wrong? I have a feeling that the Group the User belongs to filters records as well sets custom layouts. I just want to use Groups to set custom layouts for the User belonging to the Group and not use the Group feature to filter records.

  1. eggsurplus member avatar

    eggsurplus Provider Affiliate

    5 years ago

    To not use the Group feature to filter records, simply do not set any of the cells in the Role grid to Group.

    To set custom layouts for each Group you go to Studio and for the desired module click on the Layouts name in the navigation tree on the left. Not the plus symbol, but the Layout label. Here you can copy an existing layout to any group that you have created.

    Once you Save Studio will refresh. Then you can open that Layouts folder and see the Default layout and the new Group layout. From there just use Studio as you normally would.

  2. vpoehlmann member avatar

    5 years ago

    Ok. I think what is happening is that the User is inheriting the Role even though the User is not associated with the Role, but the Role is associated with a Group to which the User is associated directly as well.
    Here is what I found and perhaps you can repeat this:
    [1] Create a Role where there is a listview restriction of Owner on a particular module
    [2] Create a Group and associate the Role in Step [1] with this newly created Group
    [3] Create a User and associate the User to the Group in Step [2].
    [4] Look at the Access profile matrix of the User and all is Green (Enabled or All) as expected.
    [5] Not associate the Role created in Step [1] with the Role created in Step [2].
    [6] Look at the Access profile matrix of the User again, but this time it shows the restrictions defined for the Role even though the User is not directly associated with the Role.

    Perhaps this is the way Security Group is supposed to be? If so, then I should really consider associating Users to Groups directly just like how we associated Users to Roles, but not associated Roles to Groups.

    Thanks.

  3. vpoehlmann member avatar

    5 years ago

    Forgot to add: Sugar version is Community Edition 6.5.15

  4. vpoehlmann member avatar

    5 years ago

    Step [5] should read .... [5] Now associate the Role created in Step [1] with the Group created in Step [2].

    • eggsurplus member avatar

      eggsurplus Provider Affiliate

      5 years ago

      Correct, it will inherit roles. You can simply turn on the User Role Precedence option and any role directly assigned to a user will completely override any inherited roles from the groups. Without that checked, it will just return the greatest of rights from all roles directly or indirectly associated to a user.

  5. vpoehlmann member avatar

    5 years ago

    Ok. My use case above did not have any role assigned to the User, but the key it to at least assign one role. I tried this and all is good.

    A lot of thought has gone into the configuration of this comprehensive module. Great work to say the least.

    • eggsurplus member avatar

      eggsurplus Provider Affiliate

      5 years ago

      Thanks! I appreciate seeing folks like yourself finding great value in it. Let me know if you have any other questions.

      -Jason

This case is public. Please leave out any sensitive information such as URLs, passwords, etc.
Saving Comment Saving Comment...
Rating
Rating
  • "SecuritySuite was a very good addition to our SugarCRM implementation helping to integrate different functional teams with strictly specified roles."

    Read More Reviews

Keep up to date on the latest additions

We'll send you an email every month with handpicked add-ons, reviews, tricks and tips. Don't worry, we hate spam as much as you do.