Users, Roles, and Security Groups Management - How to Set up a Downline in SuiteCRM
SuiteCRM 7.5.1 - In Reference to using Users, Roles, and the Security Groups within SuiteCRM specifically.
So, I have a specific setup and I've looked through and read lots of documentation and tried my best to wrap my head around how SuiteCRM does this.
How would one correctly implement the following scenario?:
Let's say I have a tree like so:
We'll number these rows for the sake of understanding: 1, 2, 3 and 4. Then we have Administrators who are employees to throw into the mix.
Administrators can work with almost all records except working with workflows, mess with code, or mess with a few custom modules, outside of that, they have very few restrictions and don't obey any of the rules of the downline.
Then we follow the downline:
Person 1's can see all Person 2's, 3's, and 4's that are specifically within their downline and within their Territory. They cannot see any other Person 1's period. They cannot see any 2's, 3's, and 4's that aren't within their downline or their Territory. They also cannot see Administrators or anything assigned to them.
Person 2's can see all Person 3's and 4's within their specific Downline and Territory, They cannot see any Person 1's or 2's period. They cannot see any Person 3's or 4's outside of their Territory or Downline. They also cannot see Administrators or anything assigned to them.
Person 3's can see all 4's within their specific Downline and Territory, They cannot see any Person 1's, 2's, or other 3's period. They cannot see any Person 4's outside of their Territory or Downline. They also cannot see Administrators or anything assigned to them.
Person 4's can see only records assigned to them.
In this example there is only 4 deep, in the real world, there is actually 12 deep plus administrators plus me, the Super Admin.
How can I go about resolving this?
I wrote SecuritySuite and what you need is fairly typical. There can be a large learning curve for figuring this out so I wrote up an example setup for a 3 deep hierarchy here to try to help with that a bit: https://www.sugaroutfitters.com/docs/securitysuite/example-of-a-typical-setup.
Your example is a 4 deep hierarchy, but it's fairly similar. The key is to create groups for the lowest level. In your case, this would be at the person 4 levels. So person 4a, 4b, 4c would all be in Group A. A role with Owner only rights would be assigned directly to Group A so that 4a/4b/4c could only access their own records.
Person 3a would be in Group A, but a "Manager" role would be created with Group access and assigned directly to person 3a. Person 3a's Group A membership would be marked as non-inheritable so that when person 3a creates a record Group A wouldn't be assigned to it directly. Person 3a would also be in Group AA along with person 3b/3c/3d (according to the picture above).
Person 2b (2nd person in the 2nd tier of the image above) would be in Group A and Group AA, both marked as non-inheritable. Person 2b would have the "Manager" role assigned directly.
Person 1 would have a role assigned directly with "All" access as this person can see everyone.
- In Microsoft Dynamics 365 CRM what is the major difference in plugins and workflows when both serve the same purpose
- Hide/show fields based on a Boolean with JavaScript Dynamics CRM
- Rapid Application Development for PHP / MySQL?
- Python API and Salesforce Rest API Data discrepancy in returning number of records
- Custom module using vtlib with step by step in vTiger7
- How to create backups from user interface CRM?
- Zoho CRM API: Python request-based POST or GET authentication + insertion of contacts
- D365 Same Tracking Token was assigned to Email/Case in Customer Service
- Organization Integration on Dynamics 365 crm
- Dynamics 365 CRM On Premise New install Errors when Creating a New Org
- How to link two records with JavaScript and a n:m relationship
- Is there a way I can generate a list of all entities in CRM and if they have audit history turned on or not?
- Can I get the GUID of a record in a CRM workflow?
- Get the string value from OptionSetValue in CRM Plugin
- How to submit the content of contact form 7 to external CRM
- Order by a string by numbers with QueryExpression
- How to display contacts for account and sub-account in Dynamics CRM
- adding a mass action to Laravel Application
- How to validate a dynamic365 solution file before import using powershell or shell script
- PHP Connect to Microsoft Dynamics CRM
- ZOHO CRM Not getting refresh token in response
- How to calculate Monthly Recurring Revenue using DAX?
- vTiger 7 Custom Entity Module Not displaying data
- list is not in GROUP BY clause and contains nonaggregated column in X2CRM
- I want to integrate Dynamics CRM with Postman without AAD registration
- Auto populate lookup field through plugin in C# plugin in Dynamic CRM
- Error connecting to organization using XRMToolKit Error Message: A proxy type with the name pluginassembly has been defined by another assembly
- What happens to tasks/cases in MS Dynamics CRM that were assigned to employees that have been terminated or left the company?
- error when trying to open solution with Ribbon workbench
- CRM WEB API v9.2 Update OpportunityProducts: Trying to update EquipmentId in OpportunityProducts Entity and getting error