Company Table write acl

Cupcake
Mega Guru

‎04-06-2017 09:10 AM

I want to know if anyone can provide a solution for a write acl on the Core Company Table

So I created a new tab on the Company Table (Vendor View). The need is to only be able to give certain users access to update the fields on this tab only; however, I realized that there is a Write ACL that gives anyone with the vendor manager role complete access to write to any field on that table. I created a new role, applied that role to a new group and gave that group to the specific users that should only be able to update the fields on that tab that I created. I then created a write acl for one of the fields on that tab and said that only someone with that role could update that field. The vendor manager role is overwriting my write acl and I thought about applying the Vendor Manager role to the specific users but at the same time I don't want those users to update any of the other fields on the company table.

So temporarily it was approved to give those three users the vendor manager role that will allow them to update their fields but I would like to get a solution for the future in case this is opened up to a larger group of people.

find_real_file.png

Any information / solutions that you can provide would be of great help.

Thanks,

Karen

Preview file
22 KB
0 Helpfuls
  • 1,862 Views
1 REPLY 1

veena_kvkk88
Mega Guru

‎04-06-2017 12:04 PM

Hi Karen.



If you want the new role users to write to only those new fields, and those fields cannot be edited by any other user (say vendor_manager user), these set of acls should work.



core_company                                       - write : vendor_manager, new_role (give write access at table level for both roles)


core_company.*                                   - write : vendor_manager (give write access to all fields for vendor_manager, do not give this to new_role)


core_company.u_diverse       - write : new_role (do not give this to vendor_manager, lets only new_role to write to this and the next ones similarly)


core_company.u_gender       - write : new_role


core_company.u_ethnicity   - write : new_role


core_company.u_category   - write : new_role



Since new_role was not given core_company.* write access, they won't be able to write to any other fields.


Since vendor_manager was not given core_company.specific fields, they wont be able to write to them.