Thread Details
  • State Verified Answer
  • Replies 11 replies
  • Answers 1 answer
  • Subscribers 371 subscribers
  • Views 3203 views
  • Users 0 members are here
Forum Actions

SugarCRM Mobile. How can I prevent our users to access using Sugar version

Javier Torón

Hello!

We are developing a customized version of SugarCRM mobile and we would like to be able to force users to use this app, not the one Sugar provides us.

Is this possible?

thanks!!

  • +1

    Perhaps you can update in app.json the attribute jsConfig.clientID to some value other than "sugar".

    In the Sugar server side you can create a custom version of SugarOAuth2StorageMobile (custom/include/SugarOAuth2/SugarOAuth2StorageMobile) and override the method checkUserCredentials in order to evaluate if provided $client_id is "sugar", so you can refuse access.

    Regards

    André Lopes
    Lampada Global
    Skype: andre.lampada
  • 0

    You may be able to use the "Configure API Platforms" link in the Developer Tools section of the admin page. By removing "mobile" and adding in a different platform for your mobile app, that should disallow users from logging in with the SugarCRM mobile app.

  • 0

    Thanks for your help! I'll explore that solution.

  • 0 in reply to André Lopes

    I also like this one! it seems I would have to touch less code... I'll also give it a try!

    Thanks!

  • 0 in reply to John Boyes

    I'm afraid you are not allowed to delete a native platform.

    André Lopes
    Lampada Global
    Skype: andre.lampada
  • 0 in reply to André Lopes

    Hi André!

    I've been trying to test your solution.

    I've added one new record into oauth_consumer table. Here is where we place this client_id, right?

    But I couldn't find any client_id or clientID option into app.json (according to documentation), in fact I've looked for it in the project with no luck.

    Have you made this before? Do you know how to do it? any help would be really appreciated.

    Thanks!

  • 0 in reply to Javier Torón

    After unpacking the sugar-mobile-sdk take a look at the folder sdk/config_template and open the file app.json. You will see all possible attributes you can configure on building a custom app.

    Regards

    André Lopes
    Lampada Global
    Skype: andre.lampada
  • 0 in reply to André Lopes

    Thanks thanks thanks! Love that!

    Big kudo to you!

  • 0 in reply to Javier Torón

    I created /custom/include/SugarOAuth2/SugarOAuth2StorageMobile.php in my instance:

    class sugarOAuth2StorageMobile extends SugarOAuth2StorageBase
    {
    public $numSessions = 2;

    public function checkUserCredentials(IOAuth2GrantUser $storage, $client_id, $username, $password)
    {

      if ($client_id === 'sugar') {
        throw new SugarApiExceptionNeedLogin('Please access through our custom app');
      }

      return parent::checkUserCredentials($storage, $client_id, $username, $password);
    }

    }

    Worked like a charm.

    Thanks!

  • 0 Sugar Employee Badge in reply to André Lopes

    Thanks for the solution André!

    I have got this to work for a customer who is using a custom mobile app (when using username/password) but we are running into issues when the users log in via Single Sign On as the clientId seems to be hardcoded somewhere to "sugar" in the SSO scenario.

1 2