Multiple Field Ownership

This topic contains 5 replies, has 2 voices, and was last updated by seddonm1 9 years, 10 months ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

Creator
Topic
May 29, 2014 at 3:44 pm #28050

seddonm1
Participant
Hi,
I have a question which I will do my best to ask here using an example.
Scenario:
User creates account and links a contact to that account. User wants the new contact joined to that account to have edit access to that account so they can maintain it themselves and update details.
This would require a new user to be created with maybe a role of ‘Account Maintainer’. This user would then have to be assigned to the contact through some intermediary table (in this example MY_NEW_CONTACT_TO_USER_TABLE which would be one-to-one). This would allow a join like this:
These people would be used in the ACL:
select * from orocrm_account
inner join orocrm_account_to_contact on orocrm_account.id = orocrm_account_to_contact.account_id
inner join MY_NEW_CONTACT_TO_USER_TABLE on orocrm_account_to_contact.contact_id = MY_NEW_CONTACT_TO_USER_TABLE.contact_id
where MY_NEW_CONTACT_TO_USER_TABLE.user_id = {CurrentUser}
or
orocrm_account.user_owner_id = {CurrentUser}
Current model:
My problem is that in my understanding of oro_security it uses the annotations on the Account entity which only supports one field:
* “ownership”={
* “owner_type”=”USER”,
* “owner_field_name”=”owner”,
* “owner_column_name”=”user_owner_id”
* },
Assuming that we already had a way of linking the orocrm_contact entity to the oro_user entity how would you go about providing multiple ownership fields in the entity?
Thanks,
Mike
Creator
Topic

Viewing 5 replies - 1 through 5 (of 5 total)

Author
Replies
May 29, 2014 at 5:47 pm #28051

Dima Soroka
Keymaster
Not sure i’m getting the idea of multiple ownership fields. Based on your description you are going to have relation between user and contact so just make this user as an owner for account. This will allow to use existing security model without any modifications.
May 29, 2014 at 9:52 pm #28052

seddonm1
Participant
Hi Dima,
Sorry, my description wasn’t clear.
Is is possible to have two (or more) owners for one account without using the business unit/division/organisation model?
Scenario:
1. I am a Sales Manager and I create an account. Therefore my user is the owner (user_owner_id).
2. I add a contact to that account. I also create a userid for that contact to the system so they can login.
3. I want to remain as the owner of the account but want the new userid to be able to edit the account too – but ONLY the account they are joined to.
Hopefully that is better?
Cheers,
Mike
May 29, 2014 at 11:18 pm #28053

seddonm1
Participant
Hi,
Maybe what I am referring to is the SHARE functionality listed in your security module as coming soon:
**SHARE**: Controls whether the user can share a record with another user.
`*` **NOTE: SHARE functionality isn’t implemented yet, so SHARE permissions are not used**
This seems to describe the solution:
**User**: Allows to gives a user a permissions to access to own records and records that are shared with the user.
This way the owner of the record could ‘share’ the specific account record with the new user?
Cheers,
Mike
May 30, 2014 at 4:39 pm #28054

Dima Soroka
Keymaster
Yes, sharing option will help in this case but it is not implemented yet.
As alternative option you may implement your own voter.
June 1, 2014 at 10:38 pm #28055

seddonm1
Participant
Thank you Dima.
I have built a voter which allows this permission if I create a new role like ‘Account Maintainer’ and give ‘System’ permission then override the permission with the custom voter.
In doing so, I have found a defect with the query builder relating to how the permission SQL is generated:
https://github.com/orocrm/crm/issues/48
Cheers,
Mike
Author
Replies

Viewing 5 replies - 1 through 5 (of 5 total)

The forum ‘OroCRM – How do I? Questions’ is closed to new topics and replies.

OroCRM Forums