AnsweredAssumed Answered

ACLVisibility vs. expanding the meaning of 'owner'

Question asked by Aleksandra Mazurek on Oct 11, 2018
Latest reply on Oct 22, 2018 by Oriol Barbeta

I want to know if and when will it be possible to overwrite permissions in more upgrade safe way. It has been an issue since always. ACL and Visibility Strategies where added some time ago ofcourse. This solves most issues however it does not solve one: expanding the meaning of 'owner'

In many development cases such as:
* 2 or more 'Assigned to' People
* quick and easy way to give access to ALL records of UserA to UserB in case of holiday absence ( and then take them away after)
* etc.

We can achieve it by changing the meaning of "Owner" and expand it... We can easily do that for ACL Strategies because Sugar allows to set 'SugarACLStatic' to false, and then by adding another strategy that extends SugarACLStatic it is done upgrade-safe.


However with ACLVisibilities it does not work the same.

The ACLVisibility class is always added to bean strategies (SugarBean.php:624 in SugarENT 8.0.1) if bean implements ACL and so there is no possibity to expand the meaning of owner because ACLVisibility will always return where statement that for role on owner level will reduce the list result to:

where assigned_user_id==user_id...


It would be great if Sugar could change the implementation of VisibilityStrategies to work simmilar to AclStrategies so that developer can turn-off ACLVisibility in vardefs visibility definition.


Of course it would be even better if there was an upgrade-safe way to ADD new Level of permissions in Role Management


Am I wrong that there is no currently available way to achieve what I've described? 



Best Regards

Aleksandra Mazurek