CiviCRM Community Forums (archive)

I may be beating a dead horse here, but I though I would ask.

One of our clients has several data entry staff who have limited access to edit records, ideally the summary page and relationships, maybe tags but that's pushing it honestly.  There are about 50 of these staff so they tend to get different levels of training and have vastly differing levels of attention to detail (some are temps who are there 1-4 days).  As such we need to tighten down on what they see.

We have a series of custom fields that hols particularly sensitive data, we figured that we would use the CiviCRM ACL to hide those fields from the data entry staff.  We ran into one major hole for which we have a couple less than perfect ideas for but I wanted to see if I'm missing something obvious.  We're using Drupal 6 & CiviCRM 3.1.5 with the usual LAMP stack (PHP 5.2.10, MYSQL 5.1, Apache 2.2 etc...)  and are assuming we need to turn of the 'access all custom data' permission for the data entry staff and controlling what fields they can see with ACLs and groups.

Problem: We don't want data entry staff to add members (or themselves) to groups as they can simply add themselves to a group that can edit/view the fields we want to hide from them (and yes before you ask they have done this on a couple occasions).  You receive permission to edit groups if you can edit by way of the the Drupal "edit all contacts" permission or if you have permission to edit a record granted by the CiviCRM ACL.

We thought about writing hooks to remove the staff personal records from any group that they have permission to edit therefore meaning they can't grant permission to themselves, but that still means they can give permission to members to see the data (which isn't a big deal as members can't access CiviCRM anyway).  This seemed a weak solution, but one you could do with hooks/apis meaning it won't likely break with upgrades.

any ideas are welcome

Hi Folks,
I have the same need, could you say me where I can find that hook "hook_civicrm_aclGroup"? and how to use it?

Thank You in advance

Rob

Thank for your quick reply
However I'm very new to civicrm and i don't know yet how to use that file, Could you provide me more info?

thank you

  ok thank you, i will try and let you know

Thank You

Rob

Hi,

We have implemented a system whereby we give people permissions based on a custom field. The custom field is in a tab of it's own and we also use a hook to hide the custom tab based on permissions.

ie. each contact is in a 'City' field. We also have a separate checkbox field 'view cities' and if the 'Wellington' box is checked for a given user they can view contacts in Wellington. The check box that sets the permission can be restricted using drupal permissions. I can share the code but will need to find time to sort it for sharing.

Note that ACLs should be seen as 'best effort' All contact view ACLs can be circumvented by any user with 'Access CiviCRM' permission using the REST URLS

Hi Jim,

I'll try to get it sorted for you soon - the code is based on Chris's code which is here in a basic form - the code on the wiki gives out permissions based on custom fields (actually I think it can be core fields too)

http://wiki.civicrm.org/confluence/display/CRMDOC21/CiviCRM+hook+specification#CiviCRMhookspecification-hookcivicrmaclWhereClause

The additions that we are using are around hiding the permissions tabs based on drupal permissions & on using it in a multisite context

Yeah - that's what I mean about additions - the code I've linked to is the ACL stuff & we have some extra code to hide the tabs

groups are exposed to those users who have the group ACLs (since thats the other permissioning mechanism). If i'm not mistaken, the "Edit Groups" permission is just the ability to create/update/delete new groups

however u can expose the public groups to a profile, and hence the permissioned related contact can add/remove the other contact via that mechanism

lobo