Announcement

Collapse
No announcement yet.

Tasks Role Permission Conflict

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Tasks Role Permission Conflict

    Hi EspoCRM Team!

    We have been using EspoCRM to asign tasks between users and it works GREAT. Each department can ONLY see their own assigned tasks.

    Here is the conflict (NOT EspoCRM issue):
    • When a user creates a task assigned to a person of another department, the system shows "Error 403: You don't have an access to this area".
    • We know this is because the task has been assigned to the user and the task's creator isn't supposed to see it any more.
    However, it would be nice if the users can also see the tasks that have been created/assigned by them for follow up purpose.

    Is there any "flexible" permission setup or maybe a workflow we can use?

    Thanks a lot.

  • #2
    Hi Pablo,

    I couldn't come up with any appropriate solution for your case but customizing a bit.

    Two files to be created.

    custom/Espo/Custom/SelectManagers/Task.php
    PHP Code:
    <?php

    namespace Espo\Custom\SelectManagers;

    class 
    Task extends \Espo\Modules\Crm\SelectManagers\Task
    {    
        protected function 
    accessOnlyOwn(&$result)
        {        
              
    $result['whereClause'][] = [
                
    'OR' => [
                    
    'assignedUserId' => $this->getUser()->id,
                    
    'createdById' => $this->getUser()->id
                
    ]
             ];
        }
    }

    custom/Espo/Custom/Acl/Task.php
    PHP Code:
    <?php

    namespace Espo\Custom\Acl;

    use \
    Espo\Entities\User;
    use \
    Espo\ORM\Entity;

    class 
    Task extends \Espo\Core\Acl\Base
    {
        public function 
    checkEntityRead(User $userEntity $entity$data)
        {
            if (
    $this->checkEntity($user$entity$data'read')) {
                return 
    true;
            }
            
            if (
    $user->id === $entity->get('createdById')) {
                
    retutn true;
            }
            
            return 
    false;
        }
    }

    Note, I didn't check whether the code is running. There can be mistakes.
    Last edited by yurikuzn; 02-03-2018, 08:35 PM.

    Comment

    Working...
    X