AcL to read all records of an entity belonging to the same account seem to be ignored

Most likely, the problem is in the Relationships. Please send screenshots from Administration > Entity Manager > Account > Relationships (relationships with Entity A and Entity B are of interest).

Portal Role options account and contact are very sensitive to Link in Relationship (screenshots 1, 2).
These options will only work if:

• When Link will be called account, contact for Link Types: One-to-One Left, One-to-One Right and Many-to-One (screenshot 3). If the Link is named differently (eg account1, 1contact, mycontact etc.) the Portal Role will not work.
• When Link will be called accounts, contacts for Link Types: One-to-Many and Many-to-Many (screenshot 4). If the Link is named differently (eg accounts1, 1contacts, mycontacts etc.) the Portal Role will not work.​

Hi victor thank you very much for helping out. Thank you for all this detailed work. But I must admit that I am lost I read your post a few times now and tried to get an idea of what is the problem. I'll prepare some screenshot down below.

Screenshots that are connected to my question:
---------------------------------------
If the portal user is assigned the right to see only Entity A records of his own Firma/Account then he sees only those that he created himself:

If the portal user is assigned the right to see ALL Entity A records regardless of which Firma/Account he belongs to then he sees all connected Entity A records:


So the relationship itself is intact, the hierarchy is constructed. But the visible records differ. Does this still sound like what you think is the root cause for my issue?

Screenshots that you asked for:
---------------------------------------
The NOT working entity is called "Abteilung" (meaning ~= department) as a n..1 child of Organisation/blurred (meaning = Account).

Relationship view:


Relationship detail view:


Database view:

And all entries have a filled organisation_id that is the same for every record from which the portal user only sees those that are his own:


The working entity uses "account_id" as the field name.

In my opinion, you should translate your instance into English for a while, take screenshots again (in which everything will be in English and without blurring on the screenshots). It is extremely difficult to understand what is actually displayed to your Portal User, what is not, and what should be displayed.

Because the rights for the portal role for both Entities look exactly the same. That is, a user with this role must see the records of Entity A and Entity B also absolutely identically (unless this user is assigned an additional role).
​
Or, if you wish - I will delete this and the previous message, so as not to confuse the community, which may have understood your problem from your very first post in this topic.

Hi victor,

thanks again. I will setup a test instance these days to deliver the needed material. But this will take me a few days.

In the meanwhile: Maybe a last try with my words to check if we're on the right track?

What I am trying to say is that in the hierarchy view of Account (go to Accounts -> Some Account) like this:


This is the view of the portal user that is able to see all records of Entity A that belong to the scope read: ACCOUNT (see my very first post/first screenshot on the set permissions, there it is called Firma instead of Account). The user can see A1 and A4.

If I change the portal users right the scope read: ALL records of Entity A instead of ACCOUNT then in the same view as above also the records for A2 and A3 will be visible to this user.

So effectively: A1 to A4 are all related to Account in the background. But making all of them visible to portal users with the scope ACCOUNT does not work somehow. So is there still a need to investigate the things that you said?

I recreated your case and everything is displayed as it should be:
- I have 2 Portal Users (pele and zidan) with the same Role (screenshot 1). This is very important to eliminate the possibility of a conflict between the two Roles.
- Each Portal User belongs to the same Account football account (screenshot 2).
- Created 2 records from the admin in each entity, and one from each Portal User (screenshot 3).

As a result, both Portal Users see 4 records from each entity, because all 4 records from Entity A and all 4 records from Entity B are associated with the football account (to which both Portal Users belong).​

If I link any record in Entity A or Entity B (for example, it will be record A1 from Entity A), then of course in this case my Portal Users will not see this record A1, because I broke the connection between A1 and the football account.

Most likely, you misunderstood the permissions of the account option (as shown in screenshot 1).
This option allows the Portal User to see ONLY those records that are interconnected with the accounts to which our Portal User belongs. At the same time, it does not matter who created the A1 record.​

Another example:
If I associate the A1 record with another Anakonda's Heel account, then the A1 record will not be visible to any Portal User until I add this Anakonda's Heel to his profile. Let it be the User Portal pele (screenshot 4). So pele still sees all records of Entity A (A1 too). But Portal User zidan, who belongs only to the football account, sees only his records: A - created by zidan, A - by pele created, A2 (screenshot 5).​