sugarcrm: restrict fields based on user (ver 2)

I want to restrict the display of some fields with sensitive information for certain employees using the CRM, but with the current Community Edition (CE) there is no built-in way to block fields by either user or role (you can block entire modules using the Roles functionality, but not specific fields). For example, I need certain employees to be able to access the Opportunities Module, but not be able to see the Opportunity Amount or even who the customer is (Account Name).

This is why I'm out to find an easy, efficient way to do this. I'm using SugarCRM CE 6.45 (a fairly old version), and to migrate at this point would be a nightmare considering the amount of customization my system has. For this reason I need to code a way to have this resolved.

Goal: For Managers to be able to view all information on the system but have certain fields restricted to non-managers.

On commercial versions of SugarCRM, as per the manual, there is a procedure to hide the fields using the DEPENDENCY command which is inside the VARDEFS functionality. 

If you have the Commercial Edition (paid) this is what you do:

Modify:

/custom/Extension/modules/<module>/Ext/Vardefs/<SEARCH FOR YOUR FILE OR CREATE ONE>

Add the following code to the specific file you are modifying

$dictionary['Opportunity']['fields']['description']['dependency']='true';

Then you do

Quick Repair and Rebuild

That should be good enough to solve this on the paid edition.

This functionality is included on a SugarCRM "package" called SugarLogic which is not available for the CE (Community Edition). So I need to take another route.

The Dependency route does not work on the Community Edition!!! So don't waste your time here... as I did.

 

Searching for Alternatives

I read on some blogs that some people recommended using JavaScript to disable the fields. I don't understand JavaScript, so I steered away from this option. After a couple of hours of trial and error I came up with a "dumb" but effective way to solve the problem.

My solution is the following:

Go to the following directory on your installation: 

./custom/modules/<YOUR MODULE>/metadata/

You'll see the code for the different views of each module. For example, on Opportunities you'll get:

dashletviewdefs.php
detailviewdefs.php
editviewdefs.php
listviewdefs.php
popupdefs.php
quickcreatedefs.php
searchdefs.php
SearchFields.php

If you go inside any of these files it will show the code that structures how and what fields will display on your screen. So to accomplish my goal, I used an old-fashioned PHP IF STATEMENT on the particular page I want to restrict, as follows:

global $current_user; // without this line $current_user is null in this file

if ($current_user->user_name == "rmalla") {
    // <INCLUDE THE CODE THAT SHOWS ALL THE FIELDS YOU WANT TO SEE>
} else {
    // <INCLUDE THE CODE THAT SHOWS THE LIMITED FIELDS YOU WANT OTHER USERS TO SEE>
}

 

NOTE: to be able to use the variable $current_user you need to include global $current_user; at the beginning of the file, otherwise it will be null.
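The same branch written as a filter, so the full layout is defined once and everyone who is not a manager gets it with the sensitive cells removed (added example, not code from this post or from SugarCRM). The field names amount and account_name, the manager list, the sample layout and the function names are assumptions; in a real detailviewdefs.php the $user argument would be the global $current_user.

```php
<?php
// Fields only managers may see (assumed Opportunities field names).
$restricted_fields = array('amount', 'account_name');
// Hypothetical manager list; "rmalla" is the login used in the post.
$manager_logins = array('rmalla');

// Remove restricted cells from every row of every panel; drop emptied rows.
function strip_restricted_fields(array $panels, array $restricted)
{
    foreach ($panels as $panel => $rows) {
        $clean = array();
        foreach ($rows as $row) {
            $kept = array();
            foreach ($row as $cell) {
                // A cell is either a field name or an array with a 'name' key.
                $name = is_array($cell) ? (isset($cell['name']) ? $cell['name'] : '') : (string) $cell;
                if (!in_array($name, $restricted, true)) {
                    $kept[] = $cell;
                }
            }
            if ($kept) {
                $clean[] = $kept;
            }
        }
        $panels[$panel] = $clean;
    }
    return $panels;
}

// Fail closed: a missing user object or an unknown login gets the limited view.
function panels_for_user($user, array $panels, array $managers, array $restricted)
{
    $login = (is_object($user) && isset($user->user_name)) ? $user->user_name : null;
    if ($login !== null && in_array($login, $managers, true)) {
        return $panels;
    }
    return strip_restricted_fields($panels, $restricted);
}

// Constructed sample layout and user so the file runs on its own.
$panels = array('default' => array(
    array('name', 'account_name'),
    array(array('name' => 'amount', 'label' => 'LBL_AMOUNT'), 'date_closed'),
));
$staff = new stdClass();          // constructed non-manager account
$staff->user_name = 'jdoe';
print_r(panels_for_user($staff, $panels, $manager_logins, $restricted_fields));
print_r(panels_for_user(null, $panels, $manager_logins, $restricted_fields));
```

Each metadata file listed above controls a separate view, so a field removed from detailviewdefs.php still appears in any other view whose file is left unfiltered.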

 

Considerations

As a note, I believe these files may be overwritten when you Clear Cache or when you change something in Studio (so this may not be a permanent solution), so as a workaround I made a backup of the file (for example detailviewdefs_backup.php) and created a Cron Job that runs every morning to copy the backup to the original.

This will guarantee that if for some reason the template is modified, it goes back to my desired one every time the Cron Job runs.

 

Conclusion

I know this is not the best solution, but based on my priorities and time constraints, the fact that it works is good enough for now.
