OroPlatform Forums

Covering OroPlatform topics, including community updates and company announcements.

Forums Forums OroPlatform OroPlatform – Security Field level access control

This topic contains 11 replies, has 5 voices, and was last updated by  Stepan Yudin 7 years, 4 months ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

  • Creator
    Topic
  • #35497

    Ahmad Golzar
    Participant

    Hi,

    Firs I should say we like you ACL system very much. It has covered most of our requirements.

    Do you have a plan to implement field level access restriction? Sometimes we just need that users with a specific role can edit or view an entity but not being able to view or edit a specific field. What is your suggestion?

    Best,
    Ahmad

Viewing 11 replies - 1 through 11 (of 11 total)
  • Author
    Replies
  • #35498

    Yurii Muratov
    Participant

    Hi, @ahmad-golzar.

    Thanks for your feedback.

    Yes, we have a plans to implement access checks on field level, but unfortunately, I cannot say when it will be implemented.

    I think that @Soroka able to provide more information on this subject

    #35499

    Stepan Yudin
    Participant

    Hi, Yuri.
    Im interested in this functional too. Maybe you know now – how long to wait for ths feature?


    Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
    https://github.com/stepansib/sf-oro-docker

    #35500

    Artem Liubeznyi
    Spectator

    Hi Stepan,

    This feature is in our backlog but unfortunately I cannot provide you the clear timeline just yet. I will post an update here as soon as we decide to put it into a release.

    Thanks for your interest in OroCRM!

    #35501

    Stepan Yudin
    Participant

    Thank you, Artem. It would be great!


    Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
    https://github.com/stepansib/sf-oro-docker

    #35502

    ishakuta
    Participant

    Here’s some draft https://github.com/orocrm/platform/pull/337 for field level acl.

    #35503

    Stepan Yudin
    Participant

    Yep, i saw it. Now waiting for this pull request to be merged)


    Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
    https://github.com/stepansib/sf-oro-docker

    #35504

    Artem Liubeznyi
    Spectator

    It (finally) should be available in the upcoming 1.10 release. Thanks for your patience!

    #35505

    Stepan Yudin
    Participant

    Hooray! Thank you!


    Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
    https://github.com/stepansib/sf-oro-docker

    #35506

    Stepan Yudin
    Participant

    Good day everyone!

    One more question: is there any possibility to force enable field level ACL for entity?

    I added "field_acl_supported"="true" to my entity config, but after this i have to go to entity management UI and turn it on. I want to do this with migrations or with any other way without UI interactions.


    Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
    https://github.com/stepansib/sf-oro-docker

    #35507

    Stepan Yudin
    Participant

    I’ve found the solution. Just needed to add one more property to security config.
    Take a look at lines 9-11

    Thank you anyway, great Field-level ACL implementation)


    Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
    https://github.com/stepansib/sf-oro-docker

    #35508

    Stepan Yudin
    Participant

    One more question)

    How can i turn of all permissions for specified field?
    I tried this:

    It works, but error hapens when i try to change any permission and save role via the UI form.


    Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform
    https://github.com/stepansib/sf-oro-docker

Viewing 11 replies - 1 through 11 (of 11 total)

The forum ‘OroPlatform – Security’ is closed to new topics and replies.

Back to top