CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Using Core CiviCRM Functions (Moderator: Yashodha Chaku) »
  • ACLs and Activities conflict
Pages: [1]

Author Topic: ACLs and Activities conflict  (Read 592 times)

dschafer

  • I post occasionally
  • **
  • Posts: 93
  • Karma: 3
    • Backoffice Thinking
  • CiviCRM version: 3.2.3 - 4.4.4
  • CMS version: Drupal 6.x, 7.x, Wordpress
  • MySQL version: 5.1.x - 5.5.x
  • PHP version: 5.2.x - 5.4.x
ACLs and Activities conflict
January 10, 2011, 12:28:58 pm
Hi,
It appears that if a user is restrict by a specific ACL, then the activities assigned to them are also restricted.

We have individuals (team leaders) who are assigned ACLs that limit their access to specific contacts by groups.

We have administrators who can assign activities to these to the team leaders. (team leaders cannot view or edit administrators contacts)

When a team leader tries to view or edit an activity assigned by an administrator it causes a fatal error 'You are not authorized to access this page.'
(this is on CRM/Activity/Page/tab.php line 202)

We expected that if the activity was assigned to someone they would be able to edit it.

Is this a bug or some specific permission logic?

Thanks,
Dave



Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: ACLs and Activities conflict
January 10, 2011, 02:24:09 pm

Our current permissioning rule for activities is:

1. if an activity references a contact (source, target or assignee) that user does NOT have permission on, then that USER does not have permission on the activity. (there are some other permissioning checks also)

the main reason being, if the user edits / views the activity, the user can see contacts that she cannot view/edit.

Its a fairly strict rule right now, since activities by themselves are not permissioned.

Not sure if we checking the permission on "who created the activity" is rght (check line 2106), but suppressing that check might work for your org

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions

aeszq

  • I post occasionally
  • **
  • Posts: 53
  • Karma: 0
Re: ACLs and Activities conflict
May 31, 2011, 06:03:34 pm
Hi Lobo,

I'm having the similar issue. Which phph file were you refer to?

Cheers,
George
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Using Core CiviCRM Functions (Moderator: Yashodha Chaku) »
  • ACLs and Activities conflict

This forum was archived on 2017-11-26.