Custom access checker

goingUp

Junior Member

Join Date: Sep 2024

Posts: 22
Share

Tweet
#1

Custom access checker

Today, 11:14 AM

I added a custom AccessEntityCREDSChecker for Contact. It gives read and edit Contact access, if User has access to some related entity. `checkEntityRead` fires, but `checkEntityEdit` doesn’t and the Edit button is hidden in contact edit form. Seems like check is performed on frontend and doesn't reach backend.

I tried to set edit access on contact to 'own', but it doesn't help. Can I disable check on frontend, or maybe custom ownership checker will be better?
Tags: None
yuri

EspoCRM product developer

Join Date: Mar 2014

Posts: 9216
Share

Tweet
#2

Today, 11:21 AM

The frontend is checked separately: https://docs.espocrm.com/development...ient-defs/#acl

This allows to resolve 'edit' access when not enough data is loaded. E.g. treat as has-access to show the edit button in such cases.

Otherwise, we would need to check access for each row in a list.

If you find EspoCRM good, we would greatly appreciate if you could give the project a star on GitHub. We believe our work truly deserves more recognition. Thanks.
Comment

Comment