CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Developer Discussion »
  • APIs and Hooks (Moderator: Donald Lobo) »
  • Give permission to edit only a custom field set, not the entire contact
Pages: [1]

Author Topic: Give permission to edit only a custom field set, not the entire contact  (Read 1046 times)

julienld

  • I’m new here
  • *
  • Posts: 3
  • Karma: 0
  • CiviCRM version: 4.2.2
  • CMS version: Drupal 7
  • MySQL version: 4
  • PHP version: 5
Give permission to edit only a custom field set, not the entire contact
November 12, 2012, 03:58:05 pm
Hi,

Basically, I need to give the right to some users to edit a single custom field set of every other contact. This can be done simply with CiviCRM ACLs and by turning off "access all custom data" in the Drupal permission. I would also need to give to this user the permission to edit the contact (with "edit all contacts" Drupal permission or with an CiviCRM ACL). If I don't the user will only be able to see the custom field, not edit it.

The problem is that I want those user to only have the edit the custom field set, not to edit the non-custom fields (name, phone, address, etc.)


This is how in intend to solve this issue :

1. Implement an hook_civicrm_buildForm to remove all non-custom fields from CRM_Contact_Form_Contact (used in contact/add?action=update&cid=)

2. Implement an hook_civicrm_pre to prevent any change from non-custom fields.

3. (Optionally) Disable the AJAX-edit-in-place feature in the contact summary for all non-custom fields.


Do you guys think of any easier ways or is this the right solution?

Thank you,

JLD

Jason W

  • I post frequently
  • ***
  • Posts: 197
  • Karma: 12
  • jason@civitrainingtutorials.com
  • CiviCRM version: 4.2
  • CMS version: Drupal 7
  • MySQL version: 5.x
  • PHP version: 5.x.x
Re: Give permission to edit only a custom field set, not the entire contact
November 13, 2012, 07:07:33 am
Hello JLD,

I'm not exactly certain why you would have Users editing something within other users' profiles. If these Users are trusted enough to be able to make changes in the first place, why not use ACLs to do this and Instruct them not to change anything that they aren't supposed to? then Keep an eye on your change logs. If they overstep their bounds, then try implementing hooks and the like. Maybe even use this method while you write your hook and see how it goes.

Hope this helps.

Cheers,
Jason
civiTrainingTutorials
"Helping You Help Others"

julienld

  • I’m new here
  • *
  • Posts: 3
  • Karma: 0
  • CiviCRM version: 4.2.2
  • CMS version: Drupal 7
  • MySQL version: 4
  • PHP version: 5
Re: Give permission to edit only a custom field set, not the entire contact
November 13, 2012, 10:11:32 am
Hi,

Thank you Jason.

You should try to think of my attempt as "notes" feature, but with a structured approach.

Changes to contacts are subject to some rules and only a few users know them (less than 5). We had some problem before with this Even someone putting his own name in an other contact! (or maybe it was a merge gone wrong).

We have about 200 users and we need need them to fill some custom fields.

We could use notes to store some info, but it prevent us to use any structured search query to get lists of contact with an particular attribute. Also, searching old notes will eventually get in the way of the recent ones.

I will check those hook a bit more to see how difficult it will be.

Thank you.

JLD

petednz

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4899
  • Karma: 193
    • Fuzion
  • CiviCRM version: 3.x - 4.x
  • CMS version: Drupal 6 and 7
Re: Give permission to edit only a custom field set, not the entire contact
November 13, 2012, 10:44:38 am
How are you determining which 'contacts' Contact A can edit? If any, then one option would be using Webform.
Turn 'off' Enforce Permissions should let User A update a field about contact B.
If the field won't populate, then provide a View showing all the contacts - eg use a Filter, or provide as a block, add a link to list so they can go to <webform>?cid1=[id]

That way they can edit the data in that field for everyone, without accessing CiviCRM itself.

If that sounds helpful i can provide more details if the above is to brief.
Sign up to StackExchange and get free expert advice: https://civicrm.org/blogs/colemanw/get-exclusive-access-free-expert-help

pete davis : www.fuzion.co.nz : connect + campaign + communicate

julienld

  • I’m new here
  • *
  • Posts: 3
  • Karma: 0
  • CiviCRM version: 4.2.2
  • CMS version: Drupal 7
  • MySQL version: 4
  • PHP version: 5
Re: Give permission to edit only a custom field set, not the entire contact
November 15, 2012, 02:31:01 pm
Hi,

I currently have a complex set of 120+ ACLs. It will also soon be replaced with a custom ACLWhereClause hook.

Webform is a good idea, but will it follow these permissions? Also, with Webform, how to you put a edit button? with jQuery?

Thank you!

petednz

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4899
  • Karma: 193
    • Fuzion
  • CiviCRM version: 3.x - 4.x
  • CMS version: Drupal 6 and 7
Re: Give permission to edit only a custom field set, not the entire contact
November 15, 2012, 03:34:24 pm
we are just working on a solution to ensure the API does pay attention to ACL permissions at least for Contacts - so Yes is probably the closer answer than No
Sign up to StackExchange and get free expert advice: https://civicrm.org/blogs/colemanw/get-exclusive-access-free-expert-help

pete davis : www.fuzion.co.nz : connect + campaign + communicate
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Developer Discussion »
  • APIs and Hooks (Moderator: Donald Lobo) »
  • Give permission to edit only a custom field set, not the entire contact

This forum was archived on 2017-11-26.