Forums - Thread Details
  • State Verified Answer
  • Replies 5 replies
  • Subscribers 319 subscribers
  • Views 1973 views
  • Users 0 members are here
Forum Actions
Related

role management for custom record action

Oscar Castro

Hi,

I created a custom action for a custom module, but i need restrict the access to this action if the current user is in a specific role. How can i do that?

<?php
array (
  'type' => 'actiondropdown',
  'name' => 'main_dropdown',
  'primary' => true,
  'showOn' => 'view',
  'buttons' => 
    array (
      0 => 
      array (
        'type' => 'rowaction',
        'event' => 'button:edit_button:click',
        'name' => 'edit_button',
        'label' => 'LBL_EDIT_BUTTON_LABEL',
        'acl_action' => 'edit',
      ),
      1 => 
      array (
        'type' => 'rowaction',
        'event' => 'button:custom_action:click',
        'name' => 'custom_action',
        'label' => 'LBL_CUSTOM_ACTION',
        'acl_action' => 'view',
      ),
      2 => 
      array (
        'type' => 'pdfaction',
        'name' => 'download-pdf',
        'label' => 'LBL_PDF_VIEW',
        'action' => 'download',
        'acl_action' => 'view',
      ),
?>

Thanks for the help

Parents
  • 0

    Hi,

    You can create sugar API to get user role.

    <?php
    if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
    class getCurrentUserRoleApi extends SugarApi{
        public function registerApiRest(){
            return array(
                'userRole' => array(
                    'reqType' => 'GET',
                    'path' => array('userRole'),
                    'pathVars' => array(),
                    'method' => 'getCurrentUserRole',
                    'shortHelp' => 'Custom Api to get the current user role',
                   'longHelp' => '',
                ),
            );
        }
        public function getCurrentUserRole($api,$args){
            global $current_user;global $db;
            $query = "SELECT acl_roles.id ".
         "FROM acl_roles ".
         "INNER JOIN acl_roles_users ON acl_roles_users.user_id = '".$current_user->id."' ".
         "AND acl_roles_users.role_id = acl_roles.id AND acl_roles_users.deleted = '0' ".
         "WHERE acl_roles.deleted = '0' ";
            $result = $db->query($query);
            $user_roles=array();
            while($row = $db->fetchByAssoc($result) ){
                $user_roles[] = $row['id'];
            }
           $GLOBALS['log']->error('User roles :'.$user_roles);
            return $user_roles;
        }
    }

    After getting current user's role you can apply condition according your requirements.

    Regards!

  • 0 in reply to Hussain Nasir

    Thanks for reply,

    After create the sugar api, how i can restrict the access to the custom action?

Reply Children
No Data