Hi everyone,
I’m migrating from SuiteCRM 7 to SuiteCRM 8.8.0 and running into an issue with restricting field modifications based on Security Group membership.
In essence, only users belonging to a specific Security Group should be able to edit a specific subset of fields within a module (e.g., Accounts). ACLs don’t provide the necessary field-level control.
SuiteCRM 7 Solution:
I achieved this in SuiteCRM 7 by extending the standard Account Bean and overriding the save() method. Within the save() function, I checked the user’s Security Group membership. If the user lacked the required permissions, I used:
SugarApplication::appendErrorMessageto display an informative error message.SugarApplication::redirectto redirect back to the record view.
SuiteCRM 8 Issue:
The same approach doesn’t work as expected in SuiteCRM 8. While the restricted field appears to update initially, refreshing the page reverts it to the original value. Furthermore, the error message handling is not functioning correctly.
Current SuiteCRM 8 Attempt:
I’ve implemented a ‘before-save’ Record Handler via a SuiteCRM 8 extension (implementing RecordSaveHandlerInterface). This correctly prevents unauthorized updates to the restricted fields. However, I’m struggling to provide a user-friendly notification when the update is rejected.
My Question:
How can I replicate the user notification behavior from SuiteCRM 7 (displaying an informative error message and redirecting) within my SuiteCRM 8 Record Handler when an unauthorized field update is attempted? Specifically:
- What’s the correct way to display a user-friendly error message within a SuiteCRM 8 Record Handler?
- Is there an alternative approach to prevent this issue?
Any insights or examples would be greatly appreciated!
Thanks in advance for your help.