User has access despite permissions

Hello!

I have a setup of SuiteCRM 8.8.0, where one group of users has owner-only access to records (let’s say in Opportunities module) and another one has group-wide access to them.

My intention is to let people do everything with their own records by default and let someone be a moderator who can see and edit selected records (not all of them). Roles are set up accordingly.

So a record has two groups:

  1. Default owner-only group inherited automatically;
  2. Group-wide group that’s assigned manually to needed records.

Now, I have a moderator user who belongs to both of said groups. In my understanding, he should see his own records AND the ones that have been given the group-wide group.

But testing shows that while the user indeed can’t interact in any way with records that don’t have the group-wide group assigned and aren’t his own (and vice versa), he can still see all of them in the list view!

Somehow, as soon as I assign the group-wide group to the user, he is able to see not only his own records, but all records of all users of the owner-only group.

Now I’m a bit lost. It seems that two different permissions of the role for the group-wide group have two different kinds of logic:

  1. View permission works as I initially planned: it lets any user in group-wide group see any record that has it;
  2. List permission instead somehow applies group permissions to another group (the owner group), and the list of owner-only records is now available to anyone who has the group-wide group. Which shouldn’t happen?

Is it a bug? Or just some intricacies of CRM which I’m not aware of?

Thanks!

Check out the details in the doc:


The granting of access is cumulative. If a user gets access through the “Group-wide group that’s assigned manually to needed records”, that’s it, he gets access, regardless of the rest of the factors.

Does this explain what you’re seeing?
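To make the "cumulative" rule from the reply above concrete, here is an added example (not SuiteCRM code, and not from anyone in this thread) that models it as a small table-driven check: for a given user, record and action, the highest access level granted by any security group that both the user and the record belong to wins, an owner-level grant only counts for the record's assigned user, and a group-level grant counts for every member. The group names, role levels and records are constructed to mirror the two-group setup in the question; the level ordering and the "one sufficient grant wins" rule are assumptions about how such roles combine, so the output is what one would expect under that rule, which can then be compared against what the list view actually shows.

```python
"""Hypothetical model of cumulative, group-scoped record access.

Added example, not SuiteCRM's implementation: it encodes the rule from the
reply above (a grant from any security group shared by the user and the
record is enough) so the owner-only / group-wide setup from the question can
be checked on a small constructed data set.
"""
from __future__ import annotations

from dataclasses import dataclass, field

# Access levels ranked from weakest to strongest (assumed ordering).
NONE, OWNER, GROUP, ALL = 0, 1, 2, 3
LEVEL_NAMES = {NONE: "none", OWNER: "owner", GROUP: "group", ALL: "all"}


@dataclass
class Record:
    record_id: str
    owner: str                                  # assigned user
    groups: set[str] = field(default_factory=set)


@dataclass
class Setup:
    members: dict[str, set[str]]                # group -> users in it
    roles: dict[str, dict[str, int]]            # group -> {action: level}


def effective_level(setup: Setup, user: str, record: Record, action: str) -> int:
    """Highest level granted to `user` for `action` on `record` across the
    security groups that both the user and the record belong to. This is the
    cumulative rule: one sufficient grant wins; weaker grants are ignored."""
    best = NONE
    for group in record.groups:
        if user not in setup.members.get(group, set()):
            continue
        best = max(best, setup.roles.get(group, {}).get(action, NONE))
    return best


def can(setup: Setup, user: str, record: Record, action: str) -> bool:
    """GROUP or ALL: membership alone suffices. OWNER: assigned user only."""
    level = effective_level(setup, user, record, action)
    if level >= GROUP:
        return True
    if level == OWNER:
        return record.owner == user
    return False


def visible_records(setup: Setup, user: str, records: list[Record],
                    action: str = "list") -> list[str]:
    """Record ids the user is expected to see for `action` (default: list)."""
    return sorted(r.record_id for r in records if can(setup, user, r, action))


# Constructed scenario mirroring the question: everyone is in the default
# owner-only group; only "mod" is also in the group-wide moderator group.
SETUP = Setup(
    members={
        "sales_default": {"alice", "bob", "mod"},
        "moderators": {"mod"},
    },
    roles={
        "sales_default": {"list": OWNER, "view": OWNER, "edit": OWNER},
        "moderators": {"list": GROUP, "view": GROUP, "edit": GROUP},
    },
)
RECORDS = [
    Record("opp-1", owner="alice", groups={"sales_default"}),
    Record("opp-2", owner="bob", groups={"sales_default", "moderators"}),
    Record("opp-3", owner="mod", groups={"sales_default"}),
]

if __name__ == "__main__":
    for user in ("alice", "bob", "mod"):
        print(f"{user:6} list -> {visible_records(SETUP, user, RECORDS)}")
        for rec in RECORDS:
            lvl = LEVEL_NAMES[effective_level(SETUP, user, rec, "edit")]
            print(f"       edit {rec.record_id}: level={lvl:5} allowed={can(SETUP, user, rec, 'edit')}")
```

Under this rule the moderator is expected to list only opp-2 (carries the group-wide group) and opp-3 (his own), and not alice's opp-1, which only carries the owner-only group; if the real list view shows opp-1 as well, that is the discrepancy to take to the documentation or a bug report, and the per-record levels printed above give a compact way to describe it.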

I suspected that it’s the case as I was reading the docs. But it doesn’t explain why it is that he can’t interact with the records even though he can see them. Hasn’t he already gained access via the group? Cumulative, as you said? Both list and view (and the others actually too) permissions in that group have the same level of access: group.

Why different logic?

Thanks, I’ll watch them. Maybe I missed something.