We have roles and groups for each user of SuiteCRM. But we want that only some of them can ADD and EDIT campaigns, so…
- I configure the basic role to ALL in the “List” and “View” columns for CAMPAIGNS module
- And set to “Nothing” the rest of the columns of that module
- Basic users can list and see the details of each campaign --> GREAT
- Basic users can’t create new campaigns --> GREAT
- Basic users are able to see the details of a campaign, press the “Actions” combobox and launch the campaign wizard --> WHAAAAT?
So a basic user can change values in that wizard, save them and even LAUNCH campaigns and enqueue the mails in scheduler. This is exactly what we want to avoid.
It looks obvious to me that if a user has no access permissions to EDIT a campaign he shouldn’t either have access to launch the wizard, because he can edit almost everything.
Am I missing something to configure? The “Launch wizard” button should be disabled in my opinion, but it doesn’t
Thank you so much.
It doesn’t work directly. Do you know PHP? I will write recommendations if ‘yes’.
Hi there, @p.konetskiy . Thanks for answering.
At this moment, we prefer not to change the source code. The thing is that I was surprised about this behaviour of the permissions. It looks strange to be unable to change the basic info of a campaign but be able to launch the wizard with all its “risky email power”.
The 2 options I see for this could be:
- To stablish the campaign wizard as a new row in the role edit view (the same as, for example Security Suite)
- To disable the wizard if a role deny the access to edit a campaign
These should be my suggestion for this little security breach for future versions of SuiteCRM, if you, the Team, consider it interesting.
Anyway, we’ll review this topic and I suppose we’ll decide to fully cancel the access to this module and only managers will be able to view, list and edit.
One more time, thanks for answering & confirming that there is no built-in solution for this and that it is not a configuration mistake from my side, hehe.
The access of the button configure in the file. It’s standard customization.
There is open source platform and you can customize it as you want. Ha-Ha.
Absolutely true. It just that this is closer to a bug than to a customization, hehehe. But this is only my opinion as a noob with this and the way we understand permissions. So yes, we’ll check this custom in a future phase for sure.
Thank you very much!!
I hope it helps you if you wish to get more detail to connect me at skype: urvi.variance.
SuiteCRM by Default does not apply Roles Permission to the “Launch Wizard” Button in Campaign Module.
Open below file to check, there is no condition for check access of Edit Like other Buttons
We need to do Customization to apply Roles Permission to the “Launch Wizard” Button in Campaign Module.
You can change in the Core file or Create file in the custom folder for upgrade safe.
For changing in core file, open modules/Campaigns/metadata/detailviewdefs.php file and add condition as shown in the below screenshot.
For Upgrade Safe, Copy detailviewdefs.php file from modules/Campaigns/metadata and paste in custom/modules/Campaigns/metadata folder. After that add condition as suggested in the screenshot below.
After doing above changes, Repair & Rebuild your CRM from Admin
If you start your code customization and if you stuck anywhere please contact me anytime at firstname.lastname@example.org or Skype urvi.variance to help you to resolve.