Role management and relationships

Hi all,
I am trying to set role management in order to fit my needs. I created a one-to-many relationship between Meetings and Contracts (many contracts related to one meeting). Meetings are created from user1, contracts from user 2 (via subpanel). I need to allow user1 to list contracts related to his meeting.

I allowed user1 to list only owned contracts, but these are created from user2.
How can I archive that?
Thanks in advance.

What do you mean “how can I archive that”?

About the permissions, by default they will all see everything, unless you restricted accesses by assigning records to a security group, and configured roles to restrict users. So I can’t really help you to “show” records, you have to think of it the other way around: which restrictions are you enforcing, and how?

Sorry, typing error: how can I achieve that?


  • user1 have access to his meetings, can create new ones, that could be related to many Contracts.
  • user2 have access to all meetings, and can create Contracts related to them via subpanel.

Contracts created via subpanel are related to user1’s meetings, but are owned by user2. I need to restrict user1 so it can access only Contracts related to his meetings. If I set in user1’s role Contracts access to “own”, it doesn’t show anything.

I have two user groups

  • Agent: users assigned to Meetings, that reports to Back Office users meeting’s results (number of contracts closed during meeting).
  • Back Office: users that list all Meetings, and create Contracts related to them.

So, for example

  • agent1 has been assigned to a Meeting. He reports one contract closed.
  • backoffice1 creates one contract related to the meeting, via subpanel.

Agents can see only their assigned Meetings and Contracts related.

In role management Agents can view only their owned Meetings, and their Owned Contracts. But the problem is that contracts related to meetings are created by Back Office users. So they don’t list any contracts.

I hope that now my problem is more clear that before.

PS. sorry for my bad english!

Instead of using “Owner” try working with “Group” roles. Users can belong in more than one group. And you can assign more than one group to each record, so that is that way to make it visible to more people.

1 Like

Thanks for you reply. If I set permissions to group level, agents can list all contracts related to each meeting they are assigned to. And this is ok. But each agent has to see only its meetings and, consequently, only the contracts related to those one. So with group setting, in Contracts module I can list all contracts (those related to agent1, agent2…).

Each agent has to see only contracts generated from his meetings. There will be a manager with the ability to see all Contracts, but this is another story.

The “owner” relied on the “assigned to” mechanism, and this mechanism, by design, allows only one person to be assigned to each record (to make sure somebody has responsibility over it, and that responsibility is not diluted between several people).

So to get around that limitation I can only see you having a group for each agent (a one-person group for each), and assigning that security group to what you want him to see, manually, or with some automation that you build.

I will follow your advice. Thanks!

Ok, I found it. Enabled inherits from parent, creator and record groups. For each agent I created a solo-group. Finally, I had to play with PHP in SecurityGroups module in order to dinamically assign the right groups in case of modifications.

Thanks again to pgr! Thanks to this forum I found the way.

1 Like