CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site

This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Post-installation Setup and Configuration (Moderator: Dave Greenberg) »
  • Permissioning question
Pages: [1]

Author Topic: Permissioning question  (Read 1004 times)

Chris Burgess

  • Ask me questions
  • ****
  • Posts: 675
  • Karma: 59
Permissioning question
May 11, 2008, 12:26:52 am
I'm hoping for clarification on how to permission some forms correctly.

Our site has a membership sign-up form which allows people to enter some custom data about themselves. It also has other custom data tabs which we don't want visible to (all) users who have permission to view other contacts in the system.

In the Default Permissions and Roles page, it says

Quote
Access all custom data:
You must enable this permission for any role which you want to view or edit custom data fields. EXAMPLE: If your site uses Profile(s) which include custom fields, make sure the role(s) that need to access these Profiles have this permission. Be sure to assign this permission for the "anonymous" user role if you want to collect information using custom profiles with custom fields.

However, I believe it should be also possible to use CiviCRM ACLs to expose ONLY the profile I want to make available for new member signup, rather than giving anonymous user access to all custom data groups. Is that correct?
@xurizaemon ● www.fuzion.co.nz

Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: Permissioning question
May 11, 2008, 12:03:54 pm

hey chris:

can u grant auth users an ACL for only that specific custom group.

grant users who have restricted permission on view contacts ACL's to all custom groups that they can see

however if the number of groups that the above users belong to is quite high, then the above becomes quite unwieldy

u can potentially extend the custom hack we did for contacts, to the group case too, and base your permissioning off the "permissioned custom data" you store for each user

lobo


A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions

Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Post-installation Setup and Configuration (Moderator: Dave Greenberg) »
  • Permissioning question

This forum was archived on 2017-11-26.