I want to restrict non-admin users from having ANY sort of access to the Completed tasks though any endpoints(EditView,DetailView,ListView or custom http request). I tried using role based access but it only seems to provide owner based filtering. How can I achieve this granular user control?
Hi, @manasan123
You can use Security Groups. I see way:
- make 2 Security Groups ‘hidden’ and ‘open’ (Admin->Security Suite Group Management)
- make special ‘Group User’ with name ‘Completed’ (Admin->User Management)
- include all users to ‘open’ Security Group without ‘Completed’
- include ‘Completed’ group user to ‘hidden’ Security Group
- make Role for module Task with access type ‘group’ for ‘list’, ‘view’, ‘edit’.
- when task change status to ‘Completed’ you can change ‘Assigned’ with WorkFlow or Logichook.
2 Likes
This is a really nice suggestion but I would like to have the ‘Assigned’ user information for the admins even after the task is completed, and sometimes the same task might get renewed with the same details.
@manasan123
You can make custom field and save there the user id/name. And admin can restore the user anytime.
I guess as a developer my job is to shape the service to fit the customers’ needs not the other way around
You don’t need to change Assigned to effect security changes - you can do it all with Groups (don’t use the Owner role setting, use the Group role setting). So you don’t have to change any data in the record to hide it.
You might have a little extra work assigning the groups, but that can be automated.
If I correctly understand, you want that only admin can come back task to work from status ‘completed’. You can make rules for WorkFlow:
- status from any -> ‘completed’
- copy Assigned to ‘custom field’
- copy special ‘Group User’ to Assigned
- status from ‘completed’ -> any
- copy ‘custom field’ to Assigned
What does problem for customer?