
Security roles
Collapse
X
-
Hello @Maximus,
another tentative approach: we would like to configure the system in a way that each team can read all contacts from other teams with one exception. Contacts owned by "Team GL" are only visible for itself and for "Team UK" in read only mode. Other teams shall not have access to contacts owned by "Team GL".
Is there a way to configure the system without customer-specific programming?
Thanks for response AriLeave a comment:
-
Hello Ari,
Sorry for the delayed reply.
I was wrong. If a user has multiple roles, then they will be merged so that the permissive rule will have a higher priority. So in your case, the easiest way is to create a dynamic handler to hide these fields https://docs.espocrm.com/development/dynamic-handler/.Leave a comment:
-
Thanks for your suggestion. I have tried to implement the idea above but unfortunately it doesn't work.
It does not matter which user (Team A or Team B or Team C) I use, it doesn't show the hidden fields any more.
Any farther ideas?Leave a comment:
-
Hi,
For your scenario you need:
1. Create a Team 'C' (for the staff with the restricted access)
2. Create a Role for the Team 'C' (you can specify a 'field level' permission in the role). Assign the Team 'C' to the new role.
3. Add users of the Team 'A' into the Team 'C'.
4. Assign Team 'C' to all the records of the Team 'B'.Leave a comment:
-
Security roles
Hi,
I have a question. We have several teams in ESPO database. Each member of a team can read and edit contacts of the own team. All contact fields are visible for team members.
The role "member" in the team is set:
Contacts: READ = team,
We would like to configure the system in a way that team members from team a can also read contacts from team b but with the limitation that certain information is hidden. E.g. when member of team a access a contact of team b he cannot see the fields mail, telephone, birthday , other information is visable.
How can we achieve such configuration?
Any ideas?
Thanks
Ari
Tags: None
Leave a comment: