CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Post-installation Setup and Configuration (Moderator: Dave Greenberg) »
  • Trouble with standard Access Control implementation
Pages: [1]

Author Topic: Trouble with standard Access Control implementation  (Read 820 times)

jbertolacci

  • I post occasionally
  • **
  • Posts: 54
  • Karma: 1
Trouble with standard Access Control implementation
May 22, 2009, 03:00:38 pm
I want to have multiple managers in my CiviCRM implementation with each given the ability to view and edit only their own sub-set of contacts within our database. I setup a fresh install of CiviCRM 2.2.2 within Drupal and attempted the standard access control config as documented in...

    http://wiki.civicrm.org/confluence/display/CRMDOC/Access+Control

I created a handful of contacts, created a custom data group for club with "yes/no" fields for two organizations ("COMBA" and "SORBA"), and then created two smart groups ("COMBA All" and "SORBA All") which contains contacts for each of those organizations (those contacts marked with "yes" for each respective organization).

I then created two standard groups ("COMBA Admins" and "SORBA Admins") for administrators and added contacts of organization admins to these groups. With these groups I went to Access Control and created an ACL role, assigned the role "edit" Operation on the smart group, and then assigned the admin group to the ACL role.

In Drupal I created one role of "organization administrators" and added the drupal accounts associated with the organization contacts from CiviCRM this Drupal role. Unfortunately, this setup is not behaving the way I expected. If I give the Drupal "organization administrators" role "view all contacts" permission, when the admin contact logs in and searches for contacts s/he sees all the the contacts.

If I leave the "view all contacts" permission unchecked for Drupal "organization administrators" role, the admin sees no contacts when s/he searches. Obviously I have done something wrong, but I cannot track it down. Does anyone have any pointers to where I should dig deeper?

Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: Trouble with standard Access Control implementation
May 22, 2009, 03:11:06 pm

hey jason:

can we get ssh access to your box and check things out. The "view all contact" behavior is right. the other one (when left unchecked) is wrong

from your description you seem to have covered all the things, so looking at your site might help and solve the mystery

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions

Sarah

  • I post occasionally
  • **
  • Posts: 72
  • Karma: 3
    • American Friends Service Committee - Southeastern New England
Re: Trouble with standard Access Control implementation
June 16, 2009, 08:59:20 pm
I am having a problem identical to this.  I set up two access control sets of contacts and permissions and had the exact same issue.
Was this ever resolved?
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Post-installation Setup and Configuration (Moderator: Dave Greenberg) »
  • Trouble with standard Access Control implementation

This forum was archived on 2017-11-26.