This documentation refers to an older version of CiviCRM (3.4 / 4.0). The current stable version is 4.1. Please introduce all documentation changes and new material here.

Skip to end of metadata
Comment: Migrated to Confluence 4.0
Go to start of metadata
This page refers to CiviCRM 3.4 and 4.0, current STABLE version.

Documentation Search

CiviCRM 3.4 and 4.0 Documentation

Support and Participation

Developer Resources

CiviCRM books!

Make sure to check out the FLOSS Manual Understanding CiviCRM as well! You can also support this project by ordering a hard copy.

Or support us by buying an eBook or hard copy of Using CiviCRM from Packt Publishing.

What happens in cases of overlapping permissions between Drupal and civiCRM permissioning?

For Example:

I grant Edit permissions for a specific Group X to a group of contacts via CiviCRM ACL, and then grant "Edit all contacts" to a Drupal role.
Will a user be able to edit contacts in Group X if they have 'Edit all contacts' role (Drupal) but ARE NOT in the group with "Edit Group X" permissions?

In general all the drupal permissions are "super" user permissions - they grant broad, wide ranging powers.

In the above case, if a user has "edit all contacts", (s)he can edit all contacts.
All other edit/view contact permissions are not even looked at by CiviCRM.

However, if the user has "view all contacts" and an CiviCRM ACL to "edit contacts" in Group X,
(S)he should be able to edit only contacts from Group X.
Labels
  • None