AnsweredAssumed Answered

Populating drop-down from Users module

Question asked by Michael Jones on Mar 2, 2018

I'm working on populating a drop-down which has been maintained manually using the Sugar interface - replacing that list with one generated from the Users module. I used this technique as a starting point:

So far, so good. I wanted to use SugarBeans instead of doing a straight query, though, so I replaced some of the code with Bean-powered code (a "BDR" is a specific kind of user in our organization) and changed the query to select from the Users module:

function getBDRs() {
         static $BDR_array = null;
         if (!$BDR_array)
                 $user = BeanFactory::newBean('Users');
                 $BDRs = $user->get_full_list("first_name, last_name", "users.title = 'BDR' AND users.status = 'Active'");
                 $BDR_array = array('' => '');
                 foreach ($BDRs AS $this_BDR)
                         $BDR_array[$this_BDR->user_name] = $this_BDR->first_name .' '. $this_BDR->last_name;
     return $BDR_array;

This is working as expected and it all seemed like a wonderful idea until I started wondering whether it was possible that the Sugar user who was logged in might have restricted access to the information in Users. I'm trying to decide whether I want to use "disable_row_level_security = TRUE" or even convert this back to a plain SQL query, or whether I'm worrying too much and this will work fine in every conceivable case.


I see from the documentation about the Employees module that "As the Employees module contains internal information about your company, not specifically Sugar, it is not subject to team and role restrictions." So maybe I'm worrying too much.


Sugar 7.8 Pro