Skip to end of metadata
Comment: Migrated to Confluence 4.0
Go to start of metadata
CiviCRM Documentation

This page refers to outdated version of CiviCRM. Check current version of documentation.

Can I define access control for groups/roles?

  1. Let's assume you want to restrict folks who can view/edit all contacts
    in CiviCRM Group 'Group 2'
  2. Put all the folks who can only View Group 2 Contacts in a CiviCRM
    Group 'ACL View Group 2'
  3. Put all the folks who can Edit Group 2 Contacts in a CiviCRM Group
    'ACL Edit Group 2'. Note that Edit implies View
  4. Create two ACL Roles ' ACL View Group 2 Role' and 'ACL Edit Group 2 Role'
  5. Assign the above ACL Roles to the corresponding CiviCRM Groups
  6. Create an ACL giving ' ACL View Group 2 Role' 'View' access on 'Group 2'

QUESTION: Can you restrict folks who can NOT view/edit contacts in 'Group 2'?

RESPONSE: Currently 'no' primarily for two reasons:

  1. We do not support the 'deny' acl
  2. We dont really have a 'not' operator implemented in search

[Source. ]
Labels
  • None

Creative Commons License
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-Share Alike 3.0 United States Licence.