Field level access control

Hi,

Firs I should say we like you ACL system very much. It has covered most of our requirements.

Do you have a plan to implement field level access restriction? Sometimes we just need that users with a specific role can edit or view an entity but not being able to view or edit a specific field. What is your suggestion?

Best,
Ahmad

Topic

[Yurii MuratovParticipant]

Hi, @ahmad-golzar.

Thanks for your feedback.

Yes, we have a plans to implement access checks on field level, but unfortunately, I cannot say when it will be implemented.

I think that @Soroka able to provide more information on this subject

[Stepan YudinParticipant]

Hi, Yuri.
Im interested in this functional too. Maybe you know now – how long to wait for ths feature?

---

Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
https://github.com/stepansib/sf-oro-docker

[Artem LiubeznyiSpectator]

Hi Stepan,

This feature is in our backlog but unfortunately I cannot provide you the clear timeline just yet. I will post an update here as soon as we decide to put it into a release.

Thanks for your interest in OroCRM!

[Stepan YudinParticipant]

Thank you, Artem. It would be great!

---

Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
https://github.com/stepansib/sf-oro-docker

[ishakutaParticipant]

Here’s some draft https://github.com/orocrm/platform/pull/337 for field level acl.

[Stepan YudinParticipant]

Yep, i saw it. Now waiting for this pull request to be merged)

---

Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
https://github.com/stepansib/sf-oro-docker

[Artem LiubeznyiSpectator]

It (finally) should be available in the upcoming 1.10 release. Thanks for your patience!

[Stepan YudinParticipant]

Hooray! Thank you!

---

Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
https://github.com/stepansib/sf-oro-docker

[Stepan YudinParticipant]

Good day everyone!

One more question: is there any possibility to force enable field level ACL for entity?

I added "field_acl_supported"="true" to my entity config, but after this i have to go to entity management UI and turn it on. I want to do this with migrations or with any other way without UI interactions.

---

Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
https://github.com/stepansib/sf-oro-docker

[Stepan YudinParticipant]

I’ve found the solution. Just needed to add one more property to security config.
Take a look at lines 9-11

* @Config( * defaultValues={ * "security"={ * "type"="ACL", * "group_name"="", * "permissions"="All", * "category"="crm_entities", * "field_acl_supported"="true", * "field_acl_enabled"=true, * "show_restricted_fields"=true * } * } * )

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

* @Config( *      defaultValues={ *          "security"={ *              "type"="ACL", *              "group_name"="", *              "permissions"="All", *              "category"="crm_entities", *              "field_acl_supported"="true", *              "field_acl_enabled"=true, *              "show_restricted_fields"=true *          } *      } *  )

Thank you anyway, great Field-level ACL implementation)

---

Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
https://github.com/stepansib/sf-oro-docker

[Stepan YudinParticipant]

One more question)

How can i turn of all permissions for specified field?
I tried this:

* @ConfigField( * defaultValues={ * "security"={ * "permissions"="NONE", * }, * } * )

1 2 3 4 5 6 7 8 9

* @ConfigField(       *      defaultValues={       *          "security"={       *              "permissions"="NONE",       *          },       *      }       * )

It works, but error hapens when i try to change any permission and save role via the UI form.

---

Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
https://github.com/stepansib/sf-oro-docker

[Author]

Replies