We came across the scenario where we need to control the access to the Case records based on value selected in the field.
There are 2 users U1 and U2 under the Business Units B1 and B2 respectively. Both the users having Organization level full access on Contact and Account entities and Business Unit level full access on Case entity.
User U1 created a Case C1 for the Customer A1 and User U2 created a Case for the Customer A2. We got a requirement, where users U1 & U2 should be having access to C2 & C1 respectively. But, since both of them having read access to A1 & A2, they can still access the Cases C1 & C2 (which are created for the Customers A1 & A2).
So, is there any way to control the access to the Cases irrespective of the access to Customers (Account & Contact)?
It would resolve the issue if there is any workaround to control access based on the field value selected as we have Category field on Case.
Appreciate if any solution for this.
Thanks,
Related
I have created a Taxonomy of Organizations. I have then added a custom required field to my User accounts call "Organization". Also I have added the custom "Organization" field in commerce Product.
I have created view, when user login they should view the Product which is common to all as well as product belong to his/her organisation.
For Example:
Consider Product A , B & C
Product A belong to X organisation.
Product B & C common to all the users
User1 - X organisation
User2 - Y organisation
When User1 logs in he should see, Product A, B & C
User2 should see only B & C
how to achieve this using views contextual filter
Regards
Girija S
I have the below requirement -
We have an entity named Garden. A garden is owned by a person or company, and can also be leased by one or more people or companies. Each garden has a unique number.
Ideally, we would want to be able to see a single grid of all the people that own and/or lease the garden, regardless of whether they are a person or a company.
Questions -
1) Which entity to choose for person -> User or Contact
2) Which entity to choose for company?
3) How to design record ownership or leasing of garden?
This is a broad question, I’ll try my best.
Fact: We don’t have an option today to create a custom polymorphic entity - to capture/store multiple types of entities. There are some available OOB entities - Customer to store Account/Contact, Owner to store User/Team, Activity Regarding to store any Activity enabled entities.
If you look at Bookable Resource entity, even MS store the type like User or Equipment & respective lookup records separately. This is what you need exactly. Read more
1) Which entity to choose for person -> User or Contact
2) Which entity to choose for company?
User (owner) in case you need security around the ownership of the records. Then company has to be the Teams, because you mentioned Garden maybe owned by Person or Company. How many records you’re going to manage and are they going to get login in CRM?
You may have to look at PowerApps (Dynamics) portals which gives B2B, B2C options to control records ownership by Accounts/Contacts.
3) How to design record ownership or leasing of garden?
Partially answered in the above points. For leasing, you can have multiple subgrid (1:N) relationship. If required, you may need a custom component or web resource to pull the multiple type of owned/leasing records by UNION the results & render as a grid.
Lets say
User A belongs to Team X and Team Y
User B belong to Team X
User C belongs to Team X
I want to create a view to display only activities owned by users belonging to Team X and not belonging to both Team X&Y. That result set should only display activities belonging to User B&C.
I created a view but it shows activities of user A as well.
Advance Find
I think you probably want one of these 'equals current user...' options.
Or perhaps simply this - you can enter multiple users.
You also have to keep in mind Security roles and how they impact your views. If you are a SysAdmin, your views will not be filtered at all by ownership - only the criteria you put into the view. If you have a view where "Owner = Team A", then SysAdmin would see all those records where Owner = Team A. If you have a less-permissed user (say, they only have USER LEVEL read on the entity), and the view is "Owner =Team A" - they'd only see records in that view if they belonged to Team A.
It is important to know that User ownership is a mirror of Team ownership. So, User level read actually lets me see ALL records that I own or MY TEAMS own, that satisfy your filter criteria.
Above answer should work - I would use "Equals Current User or User's Teams" but again, depends on exactly what you are trying to do and how everything is setup in CRM
I have a (CRM) grid that has associated view (a) I need to add another associated view (b) to the same grid and to give different view permission (some users will see 'a' and some will see 'b') can I control these permissions on my associated grids
Based on your requirement, it looks like you don’t need two views & switch hit.
User A should have a security role A which will filter the data what he can see & cant see.
In security role A modify the Read privilege to BU level - half amber (now it may be full green - Org level)
The same security role A to User B (if they are from different BU) will work as it is. Basically role A has to be there in all BUs individually.
I plan to implement this for Requisition document.
So, I have 8 users, each from different Organizations.
There are 3 Organization.
1. General Organization
Users :
1) G0
2) G1a
3) G1b
2. Finance Organization
Users :
1) F1
2) F2
3. Technical Organization
Users :
1) T0
2) T1a
3) T1b
Assuming that I am user G0, I have 4 Approvals. They are from :
1. G1a
2. G1b
3. F1
4. F2
And, assuming that I am user T0, I also have 4 Approvals. They are from :
1. T1a
2. T1b
3. F1
4. F2
So I need to have permission from people in my organization first (depends on who login) before the approval from people in Finance Organization.
How can I make it possible in Adempiere?
The Standard Approval in Adempiere requires the Supervisor of a User approve any value above the Approval Amount of the user's Role.
However, as you have no doubt discovered, it only allows for one supervisor approving.
To achieve what you need is a little trickier and you will need to use the Workflow functionality of Adempiere. There are a number of steps involved and they're described in this howto from the Adempiere wiki.