phpsugarcrmsugarbean

Restricting Access to Edit in SugarCRM


I want to restrict editing of a record based on custom rules. I was able to restrict the list view, but cannot seem to get the edit restriction working.

In the custom controller, I have

class CustomOpportunitiesController extends SugarController { 

protected function action_editview() {
    $this->bean = new CustomOpportunity();
    // parent::action_editview(); // There is no action_editview() in SugarController
    $this->view_object_map['bean'] = $this->bean;
    $this->view = 'edit';
}

However when I add this, any time I try to edit a record it goes to Create Record instead!

There is absolutely no (useful) documentation on this either. http://support.sugarcrm.com/02_Documentation/04_Sugar_Developer/Sugar_Developer_Guide_6.5/02_Application_Framework/ACL

Version 6.5.13.

(I also have code in the subclass but it's commented out right now.)

class CustomOpportunity extends Opportunity {
    // function ACLAccess($view,$is_owner='not_set') {  ...

Solution

  • There are a number of ways to achieve this. If we're using a custom controller like in your code, you could try this:

    public function action_editview()
    {
        /* Set view */
        if (/*your condition here*/)
        {
            $this->view = 'noaccess';
        }
        else
        {
            $this->view = 'edit';
        }
    }
    

    Hope this helps!

    Ps. The reason your code would appear to create a new record seems to be due to the "$this->bean = new CustomOpportunity();" -line, where you overwrite the bean you are about to edit with a new, fresh record :-)