Thread Details
  • State Verified Answer
  • Replies 54 replies
  • Subscribers 374 subscribers
  • Views 16226 views
  • Users 0 members are here
Forum Actions
Related

Disable record's creation

Gaelle Fernandez
Hello everybody !

I have a really urgent problem to solve :

How can i disable the "creation" of new records (in standdard modules like Accounts, but in custom too) for few users?

I was thinking about roles, but there is nothing on the role management.
I would like to disable the creation of new Accounts for the role "lambda user".

of course, we have to take care of disable "duplication" too.

By disable, i mean, disallowed access to the button "create" and "duplicate" and to disallowed the action.

Do you know how to disable the action of creation/duplication and how to hide the "create"/"duplicate" buttons ?

Thanks a lot !

ps : Im on Sugar 7.5.1 Pro
  • 0 in reply to Matt Marum
    Did you get the logs in you sugarcrm.log ?
     maybe it 's my js which is no good..
    Remember : i'm on 7.5.1 Pro...

    Here is my whole <sugar>/custom/javascript/acl_hide_create.js


    (function(App) {
      App.events.on("App:sync:complete", function(){
        App.api.call('GET', App.api.buildURL('userRole'), null, { 
            success: function(userRoleArray) {
               console.log(_.indexOf(userRoleArray,"1ffe6d3f-897e-8a2d-1b00-558969e06287") );
               if (_.indexOf(userRoleArray,"1ffe6d3f-897e-8a2d-1b00-558969e06287") > -1) {
                  console.log(userRoleArray);
                  var acls = App.user.getAcls();
                  acls.Accounts.create = 'no'; 
                  App.user.set("acls", acls);
               }else{
                  console.log("not inarray");
               }
           },
       });
     });
    })(SUGAR.App);
    When i test it in console, i get a "undefined", even if i connect with a user which has the role set to "standard user" ... nothing is fired in the console...

  • 0 in reply to Matt Marum
    Try changing "App" to "app" - I believe it should be lowercase in the javascript file. You can also add a console.log before the api call to ensure you're getting into the javascript code at all.
  • 0 Sugar Employee Badge in reply to Matt Marum
    Yes, the Backbone event names should be treated as case sensitive.  "app:sync:complete" instead of "App:sync:complete".  The underlying implementation for these global Sidecar application events is Backbone Events.
    https://github.com/jashkenas/backbone/blob/0.9.10/backbone.js#L116

    App Ecosystem @ SugarCRM

  • 0 in reply to Matt Marum
    YESS !!! IT WORKS !! FINALLY !

    Alan Beam (every App changed to app, except for the last SUGAR.App, which has to stay the same), Shijin Krishna I couldn't thank you enough !

    I'm posting the answer to share the full code !! THANKS A LOT !!!!
  • 0 in reply to Matt Marum
    Yes,in js file it should be app.If you are trying in browser console don't execute the entire code, just execute the api call.See below screenshot.



    Glad to know that finally you made it works.......:)
    Thanks!
  • 0 in reply to Matt Marum
    PROBLEM SOLVED !

    After a big while, and with the huge Help, Time, Knowledges and Patience of Alan BeamShijin Krishna and Matthew Marum, I got it running !
    So, because they were so kind to me, and because i know someone will someday face this situation, i put here the code wrote !

    How to write the custom API to retrieve current user roles :
    (be carefull, your file must have the same name as you class)
    in <sugar>/custom/clients/base/api/getCurrentUserRoleApi.php

    <?phpif(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
    class getCurrentUserRoleApi extends SugarApi{
     public function registerApiRest(){
      return array(
       'userRole' => array(
        'reqType' => 'GET',
        'path' => array('userRole'),
        'pathVars' => array(),
        'method' => 'getCurrentUserRole',
        'shortHelp' => 'Custom Api to get the current user role',
        'longHelp' => '',
       ),
      );

     public function getCurrentUserRole($api,$args){
      global $current_user;global $db;
      $query = "SELECT acl_roles.id ".
       "FROM acl_roles ".
       "INNER JOIN acl_roles_users ON acl_roles_users.user_id = '".$current_user->id."' ".
        "AND acl_roles_users.role_id = acl_roles.id AND acl_roles_users.deleted = '0' ".
       "WHERE acl_roles.deleted = '0' ";
      $result = $db->query($query);
      $user_roles=array();
      while($row = $db->fetchByAssoc($result) ){
       $user_roles[] = $row['id'];
      }
       return $user_roles;
     }
    }
      
    Then, add your js, which will call the api and act in return :
    (be careful, every app should be in minus letters, but the last one, SUGAR.App has to be given a capital !)
    (be careful, <YourRoleID> must be replaced by your chosen role id)
    in <sugar>/custom/javascript/acl_hide_create.js

    (function(app) {
        app.events.on("app:sync:complete", function(){
    /*call to the custom api to disallow create for Standard Users.*/
      app.api.call('GET', app.api.buildURL('userRole'), null, { 
       success: function(userRoleArray) {
        if (_.indexOf(userRoleArray,"<YourRoleID>") > -1) {
         console.log(userRoleArray);
         var acls = app.user.getAcls();
         acls.Accounts.create = 'no'; 
         app.user.set("acls", acls);
        }else{
         console.log("not inarray");
        }
       },
      });
        });
    })(SUGAR.App);

    Finally, to add your JS t the JSGroupings, 
    (this one adds your js to the sugr7.min.js)
    (be careful : your file.php has to be named the same as your precedent js file)
    under <sugar>/custom/Extension/application/Ext/JSGroupings/acl_hide_create.php

    <?php
    foreach ($js_groupings as $key => $groupings) {
        foreach  ($groupings as $file => $target) {
            if ($target == 'include/javascript/sugar_grp7.min.js') {
                $js_groupings[$key]['custom/javascript/acl_hide_create.js'] = 'include/javascript/sugar_grp7.min.js';
            }
            break;
        }
    }

    After that, do a QRR (quick repair and rebuild) and a repair the Grouping JS
    (go to admin > repair  and you'll see the first item and the 13th)


    So, this is brought to you by the unification of the forces and knowledges of all 3 great men :  Alan BeamShijin Krishna and Matthew Marum !

    Many big thanks to them !!


  • 0 in reply to Matt Marum

    Hello Everyone,

    This development is work for the Mobile App ?

    Because I have check this code in to my development instance but in mobile-app that is not working.

    Shijin KrishnaMatt MarumAlan BeamGaelle Fernandez

  • 0 in reply to Bhavesh Patel

    Hi Bavesh,

    Current implementation of Sugar Mobile App won't support custom js like record.js, create-action.js etc.

  • 0 in reply to Shijin Krishna

    Hello shijin Krishna,

    Does any way there I  can restrict record's creation using mobile app.

  • 0 Sugar Employee Badge in reply to Bhavesh Patel

    You would have to attempt to restrict it from Mobile REST APIs.  You could update User APIs to return ACLs that restrict 'create' action for modules you do not want the user to be able to create on Mobile.  Sidecar clients (like Mobile) obey a 'create' ACL that is not yet supported in backend.  I haven't experimented with this yet, so I couldn't say for sure how well it would work. But what I have in mind would not require a lot of code changes.

    See this blog post for example of how you can override REST API endpoints for Mobile clients.  In this case, you would want to override the API that returns client side ACLs to include additional ACL rules.

    Using server side changes to customize SugarCRM Mobile « Sugar Developer Blog – SugarCRM

    App Ecosystem @ SugarCRM