CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Using Core CiviCRM Functions (Moderator: Yashodha Chaku) »
  • Private Notes and ACLs
Pages: [1]

Author Topic: Private Notes and ACLs  (Read 1058 times)

SarahG (FountainTribe)

  • Ask me questions
  • ****
  • Posts: 782
  • Karma: 29
  • CiviCRM version: 4.4.7
  • CMS version: Drupal 6, Drupal 7
  • MySQL version: 5.5
  • PHP version: 5.3
Private Notes and ACLs
September 26, 2009, 11:51:36 am
My use case is this: The clergy need to be able to keep private notes about people, such as someone who is struggling with depression.    

What I have working so far:
I created a custom field group called "Sensitive Information" with several fields to record notes about the individual.

I created an ACL role called "Clergy" that is allowed access to the field group "Sensitive Information". I also created an access Group called "Clergy Access Group" which is tied to the ACL role "Clergy"

This part is working correctly: A member of the "Clergy Access Group" can edit and view the "Sensitive Information".  People who are not in that group, cannot see the sensitive information.

Unfortunately, anyone who has access to the CiviCRM dashboard, can add themselves or others to the "Clergy Access Group", which renders the purpose of the group and related ACL setups useless.  

Any suggestions to get this working so that only the clergy can get to the sensitive notes?  Am I on the wrong path?


I am using CiviCRM 2.2.9 with Drupal.

Thanks,
Sarah







« Last Edit: September 26, 2009, 11:53:17 am by sgladstone »
Did I help you? Please donate to the Civi-Make-It-Happen campaign  CiviCRM for mobile devices! 

Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: Private Notes and ACLs
September 27, 2009, 07:49:47 am

make sure that folks dont have access to view/edit all contacts. granting that access basically gives them access to all civicrm groups

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions

SarahG (FountainTribe)

  • Ask me questions
  • ****
  • Posts: 782
  • Karma: 29
  • CiviCRM version: 4.4.7
  • CMS version: Drupal 6, Drupal 7
  • MySQL version: 5.5
  • PHP version: 5.3
Re: Private Notes and ACLs
October 03, 2009, 06:18:38 pm
I removed "view/edit all contacts" permission, which works to a point. What works - Non-clergy can no longer add themselves or others to the "clergy ACL group. But they can no longer view or edit ANYONE.  How can I give them access to view and access all contacts? Is there an "everyone" group?

Thanks
Did I help you? Please donate to the Civi-Make-It-Happen campaign  CiviCRM for mobile devices! 

Jason W

  • I post frequently
  • ***
  • Posts: 197
  • Karma: 12
  • jason@civitrainingtutorials.com
  • CiviCRM version: 4.2
  • CMS version: Drupal 7
  • MySQL version: 5.x
  • PHP version: 5.x.x
Re: Private Notes and ACLs
October 02, 2012, 09:42:49 am
Hello Sarah,

From your manage ACLs screen, create an ACL that allows Everyone(role) to View(operation) a group of contacts(type of data). Group should be set as All groups. check enabled and select save.

You may also have to set up another ACL or three to define which groups can be edited by which roles.

Hopefully this helps.

Cheers!
Jason
civiTrainingTutorials
"Helping You Help Others"
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Using Core CiviCRM Functions (Moderator: Yashodha Chaku) »
  • Private Notes and ACLs

This forum was archived on 2017-11-26.