CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Using Core CiviCRM Functions (Moderator: Yashodha Chaku) »
  • Access control - problem with roles and permissions - too much access
Pages: [1]

Author Topic: Access control - problem with roles and permissions - too much access  (Read 1673 times)

DerekWilliams

  • Guest
Access control - problem with roles and permissions - too much access
January 13, 2008, 07:58:30 pm
I created a role with permissions only for "access CiviCRM", and "view all contacts".  However, users with only this role can log in and see many things, including CiviContribute, etc.  Similar combinations of permissions have the same problem: no matter how limited/restrictive the permissions, users with the role can do most everything.

Any hints as to why this is happening?  We really need to create users who can do things like view contacts, but not view or edit contributions.

This is CiviCRM 1.8.11536 on Drupal 5.5.

Derek

Dave Greenberg

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 5760
  • Karma: 226
    • My CiviCRM Blog
Re: Access control - problem with roles and permissions - too much access
January 14, 2008, 01:46:39 pm
Any chance you've given additional CiviCRM permissions (e.g. access CiviContribute etc.) to the "authenticated" role? I ask because all other roles (except "anonymous") get granted all permissions you assign to that role PLUS any permissions assigned to "authenticated".

I setup a role on our 1.9 demo with the permissions you've specified - and it seems to work as expected. You can only view contacts (not edit them), and the contribution tab, menu item etc. are not available.

http://demo.civicrm.org/drupal

User = authtest
PW = demo
Protect your investment in CiviCRM by  becoming a Member!

DerekWilliams

  • Guest
Re: Access control - problem with roles and permissions - too much access
January 14, 2008, 07:26:52 pm
>> Any chance you've given additional CiviCRM permissions (e.g. access CiviContribute etc.) to the "authenticated" role?

That's exactly what I did!  I first assigned nearly all permissions to the authenticated role when I first installed the system.  I didn't realize that users with other role assignments got the "authenticated" role also. 

Thanks, Dave, for the quick and spot-on help!! 

I'm new to Civi and Drupal; I just started setting up this new system 3 weeks ago.  But even with over 250,000 contacts, 130,000 contributions, and 280,000 activity history records, so far so good.  BTW, imports were a challenge (I ended up writing conversion programs to do the SQL inserts), but overall very pleased with the system.

Thanks again for the help!

Derek

Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: Access control - problem with roles and permissions - too much access
January 15, 2008, 05:19:00 am

hey derek:

would be great if you could share your "conversion scripts" so that other folks can potentially use it as a model for large imports. Also a more detailed description of what you'll are using civicrm for in the site showcase forum would be very much appreciaed

thanx

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Using Core CiviCRM Functions (Moderator: Yashodha Chaku) »
  • Access control - problem with roles and permissions - too much access

This forum was archived on 2017-11-26.