Tweet
Hi,
I read all posts in the forum about hiding fields but I can't make it work.
My goal is to hide personal data (email, address...) in Contact entity if the user is not an assigned users, collaborators or a team member.
This is for security and confidentiality reason.
The records of the Contact entity is read : all, to avoid duplicate, and to know who knows the customer.
But I want to hide the email address (and even address and phone) if not assigned/team/collaborator.
I tried with custom views https://docs.espocrm.com/development/custom-views/ but it's not "clean" and it's possible to export the email and see it in the console/inspector.
Desired solution: I'd like a proper backend implementation (access checker, or ACL filter but on field ?) that enforces this at the server level.
The logic seems simple, especillay with a basic rule like : hide emailAddress if not assignedUsers.
But I could not find a clean way to do it.
Any guidance or code examples ?
Thanks in advance for your help
I read all posts in the forum about hiding fields but I can't make it work.
My goal is to hide personal data (email, address...) in Contact entity if the user is not an assigned users, collaborators or a team member.
This is for security and confidentiality reason.
The records of the Contact entity is read : all, to avoid duplicate, and to know who knows the customer.
But I want to hide the email address (and even address and phone) if not assigned/team/collaborator.
I tried with custom views https://docs.espocrm.com/development/custom-views/ but it's not "clean" and it's possible to export the email and see it in the console/inspector.
Desired solution: I'd like a proper backend implementation (access checker, or ACL filter but on field ?) that enforces this at the server level.
The logic seems simple, especillay with a basic rule like : hide emailAddress if not assignedUsers.
But I could not find a clean way to do it.
Any guidance or code examples ?
Thanks in advance for your help
Comment