Author Topic: Permissioning question (Read 1004 times)

Chris Burgess · May 11, 2008, 12:26:52 am

I'm hoping for clarification on how to permission some forms correctly.

Our site has a membership sign-up form which allows people to enter some custom data about themselves. It also has other custom data tabs which we don't want visible to (all) users who have permission to view other contacts in the system.

In the Default Permissions and Roles page, it says

Quote

Access all custom data:
You must enable this permission for any role which you want to view or edit custom data fields. EXAMPLE: If your site uses Profile(s) which include custom fields, make sure the role(s) that need to access these Profiles have this permission. Be sure to assign this permission for the "anonymous" user role if you want to collect information using custom profiles with custom fields.

However, I believe it should be also possible to use CiviCRM ACLs to expose ONLY the profile I want to make available for new member signup, rather than giving anonymous user access to all custom data groups. Is that correct?

Donald Lobo · May 11, 2008, 12:03:54 pm

hey chris:

can u grant auth users an ACL for only that specific custom group.

grant users who have restricted permission on view contacts ACL's to all custom groups that they can see

however if the number of groups that the above users belong to is quite high, then the above becomes quite unwieldy

u can potentially extend the custom hack we did for contacts, to the group case too, and base your permissioning off the "permissioned custom data" you store for each user

lobo

CiviCRM Community Forums (archive)

News:

Author Topic: Permissioning question (Read 1004 times)

Chris Burgess

Permissioning question

Donald Lobo

Re: Permissioning question