Trouble with ACL (may be bug)

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • dimyy
    Active Community Member
    • Jun 2018
    • 569

    Trouble with ACL (may be bug)

    Put an experiment:

    Create role GA (group access) - group access to task
    Create role PA (personal access) - personal access to task

    Create group GA / role GA
    Create group PA / role PA

    Create user Magic with assigned groups GA, PA

    Create task with assigned group PA (no GA) and assigned user NoName

    The user Magic has access to the created task, although it seems to me that he should not.

    Task in group with personal access and user Magic not assigned to this task.



  • yuri
    Member
    • Mar 2014
    • 8440

    #2
    You misunderstand how roles works in EspoCRM.

    - User is a member of both Teams. (there are no groups in EspoCRM).
    - User has a single (merged from all related roles) access levels table applied (Admin can check what access levels are applied at users's detail view).
    - Task is assigned to one of Users Teams.
    - User can see the Task, because Task is one of User's teams and User has a read access level 'team'.
    Last edited by yuri; 04-14-2020, 10:34 AM.
    If you find EspoCRM good, we would greatly appreciate if you could give the project a star on GitHub. We believe our work truly deserves more recognition. Thanks.

    Comment

    • dimyy
      Active Community Member
      • Jun 2018
      • 569

      #3
      It's clear. But at the same time, the system of rights takes into account only the presence or absence of the entity team and not the role in this team.
      (In my post Group equal Team. Double translation eng->ru->eng issue)

      Comment

      Working...