I have a PHP application that writes data to a sugarCRM instance (6.5) using the rest webservice.
I created a special account for consuming the webservice and give it Administrator privileges (not sure if it is the best) I did it to makes things easy and avoid having to individually set permissions to each and every module, and everything works great.
I can set_entry (create or update) records in custom modules (students, discounts, scholarships, tasks, etc) no problem (dev and production instances) but I am facing a problem with the core module Accounts using the same code I can login correctly it gives me a session id and recognices me as an admin, but once i call the set entry method it gives me an Access Denied 40 error You don't have access.
On the dev instance works flawlessly (exact replica and permissions) but in the production one gives me such error.
I don´t get why it is supposed to be an admin account.
To disscard a coding error in my application I use another user (regular) who has explicit acces (edit, create, delete, etc) to the Accounts module given by a custom role and it works propertly.
What the problem might be?.
The two ideas that comes to my mind are
- to use an alternate user with explicit access to the module (not ideal) or
- create a role and give explicit access to the module (and all the modules used) and assignt it to the webservice user (seems unnecessary given that it is suppose to be an admin account).
Any help will be aprecciated.