Make a module read-only except for one field

I think I know the answer to this one....but asking on the chance that someone has a snazzy shortcut or answer.

On the Account module, we have a "critical customer" field that anyone in the organization can check and it causes a message to immediately go to the entire company.

For most roles in Sugar, we want to secure the Accounts module to read-only for most roles except for that one field.

I tried securing the module by setting edit to "none" and setting that one field to "read/write".

As I expected, the module-level security overrode the individual field.

I realize I can set the module to allow editing and then lock down every individual field except that one field....but is there a better/easier way?

I appreciate any thoughts/input!

Bob

0 Ramya Katram over 3 years ago

Hi Bob,

As per the above message, I understood that you want to hide most of the fields in the Accounts module for most of the roles in Sugar.

The approach what you thought is completely fine as it does not require any coding and developer support. If you don't want to even show the fields in the layout, you can see how to set the record views based on the role here. By setting the role-based record views we can hide/show the fields as per our requirement.

Hope this helps:)

Thanks,

PK

https://www.bhea.com
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Bob Bundy over 3 years ago in reply to Ramya Katram

Hi Ramya Katram

Thanks very much. We don't want to hide the fields. We want all but one to be read-only. It's easy to make an entire module read-only. I wondered if there is an easy to make the entire module read-only EXCEPT for one field.

I appreciate your help.

Bob
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Dmytro Chupylka over 3 years ago in reply to Bob Bundy

Okay, there is an option to configure a before_save validation that accepts the change of one particular field only and does not allow to save the record if any other field is changed.

BTW, the validation could be respected by both UI and API - it is possible with Logic Builder configuring tool and would take 15 min to draw solution

However, using out of the box security model for the case articulated seems the best solution, even if setting fields readonly may take 30 min, IMHO

Best Regards,
Dmytro Chupylka

integroscrm.com
We make work in Sugar CRM system faster, more convenient and efficient
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 André Lopes over 3 years ago in reply to Dmytro Chupylka

It is better to configure Access Control List. It has a minor development effort and it affects every component inside SugarCRM.

André Lopes
Lampada Global

Skype: andre.lampada
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Reject Answer

Cancel
0 Francesca Shiekh over 3 years ago

There is a nice article by Enrico Simonetti that may help:

enricosimonetti.com/.../
Cancel
Vote Up +2 Vote Down

Sign in to reply

Verify Answer

Reject Answer

Cancel
0 Dmytro Chupylka over 3 years ago in reply to André Lopes

ACL enhancements are so exciting but scary because of possible consequences at the same time.

Is it reasonable to take the risks of ACL development for saving 30 min of one-time manual work?

Best Regards,
Dmytro Chupylka

integroscrm.com
We make work in Sugar CRM system faster, more convenient and efficient
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Bob Bundy over 3 years ago in reply to Dmytro Chupylka

Thank you Dmytro Chupylka. I agree that using the existing security functionality is best - even if it's a pain. My biggest worry was/is performance. I've worked with other systems that allow field-level security rights and they have a potential to perform slowly as individual security rights are enforced.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Bob Bundy over 3 years ago in reply to André Lopes

Thank you, André.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel