Unfortunately, it is not possible to grant permissions to selected users/roles to access particular lookups. At the moment, it is possible to manage permissions only for all users/roles at once.
I have a use case where i need to grant access rights to new owner in Lead when the owner gets changed.I want to remove the access rights of the old owner.
By default, Creatio grants maximum access permissions to record author and the record owner.
I have tried to give access to the new owner and revoke the access permission to old owner using Change access right Business process element . Since the old owner is the record author ,that user can able to see ,edit,delete the record .I want to remove the access rights of the old owner.
If you remove all roles/users from default permissions (managed by records access rule settings), users who created the record and records owner will still be able to see/edit/delete the record.
To change this behavior, there are several options:
- open the record in the System Designer and set the rule for the author to grant himself the rights for "not reading" the record
The portal license that I am using in my local instance are as in the photo attached:
Is added object of Application Form (section) but not the case object (should be with the name "Application Form case in the Portal) :
Related to the last question DCM does not appear in the portal section (but as you can see to the image attached the section of the task appear but no the stages one).
Hi! The pictures are not representative anyway as they are made in Old UI. The information should be still relevant though. Please check if the specific portal user has required access rights and it the object has an "SSP available " checkbox checked.
If that did not help - please contact Support individually for investigation to be held
We're setting up access rights in our system and the contacts under "Our Company" are being assigned the access right of "all employees". How can we prevent all of our users from seeing the "Our company" account and contacts under that account? We are using record permissions for each organizational role to only see accounts and contacts within that role, but we want users to see all accounts under the organizational role of "all employees" with the exception of "our company".
If there is a need to restrict access to one specific record you can delete the access rights for this record directly on this record page with a help of "Set up access rights" option. Still the record will be available for the system administrators.
If you need to change the access rights for the contact records connected to this account, it can be done with a hep of custom business process that will read all the contact records where the Account = the_needed_account_record and with a help of "Change access rights" business element will delete or grant needed access permissions.
I'd also suggest to test the solution first on test- or dev- site before applying it in the production site.
I have a business task to allow users "know" about a record they search for even though they don't have permission to view that record.
Meaning: The process before adding a contact is first to make sure the contact does not exist in the system. sometimes a user doesn't have permission so he can't see the record and adds it.
We are looking for a way to let the user know that the contact exists but he just does not have permission to view it. I rather add an option for him to request access straight from Creatio but that's less important if he can know that record exists and ask our support to give him access it will work too.
- Сheck that the object has no publishing errors, and compile the application.
- Check the rights to the section/workspace and that the user has the right license.
- Check the mapping in the SysModul table. It is possible that the section was added to the same workplace twice and there are some duplicates at the database level, in this case, the section will simply not show up. You need to delete the entries at the database level and add the section again.
If the above tips do not help, it is better to contact technical support.
Can you please tell me in which object (table) data about user rights for a specific record is stored?
For example, in sales there is a record "Laptop" for this record the rights are configured, you need the name of this table where the names of users for whom these rights are distributed are stored.
There are 2 objects, in both access rights on records are configured. In the 1st object there is a field "lookup of the 2nd object", it is necessary that - if a record from the 2nd object is selected in the record of the 1st object, then users from the second object are added to the record of the 1st object?
THank you for your answer, but I think we didn't get each other.
For instance , we have object 1- opportunity, and object 2 - product, the product has relationship with opportunuty - 1:N, so there is a lookup field in opportunity for product.
The question is:
Can I configure user rights as when User 1 has access righs to particular product, it will has acess rights to opportunity also.
So if I have Opp_1 and related with him product_1 in that opportunity. If User 1 has access rights to product 1, I need him to have acess rights to its opporunity.
What you are looking for can be achieved by adding only the columns that you want to show to the Portal users into "List of schema fields for portal access" lookup. As a result those fields won't be available on any of the dropdown list.
What you are looking for can be achieved by adding only the columns that you want to show to the Portal users into "List of schema fields for portal access" lookup. As a result those fields won't be available on any of the dropdown list.
Please write to support@creatio.com, as this issue needs more analysis and will require external access to your instance (from Supervisor and test user).
