Set a default role for newly created users

bsoremsugar —  October 31, 2012 — 2 Comments

Here’s a question that I’ve seen time and time again in the forums…

Is it possible to default permissions for users who are not part of a user role, that is, permissions that are also inherited by other roles as default permissions?

Situation: By default I want some fields to only be writable by a certain group of users. Everyone else should not have access to the change the field value.

I want to avoid creating a default role where I have to add all new users. If it is possible to create a role where users are automatically added, then that might be an option.

This is pretty easy to do with an after_save logic hook on the Users module, triggered each time a new user is created like so…

You can extend this method to specify a series of default roles, or conditions for default roles being applied as well.

Thanks to MrBigAllan in the forums for posting the original solution I based the above example on.

2 responses to Set a default role for newly created users

  1. 

    The code above won’t work without this sentence on the top of the page:

    if(!defined(‘sugarEntry’) || !sugarEntry) die(‘Not A Valid Entry Point’);

  2. 

    Create a role named ‘Default’ and add a stored procedure

    delimiter $$
    drop trigger if exists trigger_users_after_insert;
    create trigger trigger_users_after_insert after insert on users
    for each row
    begin

    IF NOT EXISTS (select aru.id from acl_roles_users aru
    join acl_roles ar on (ar.name = ‘Default’ and ar.deleted = 0 and ar.id = aru.role_id)
    where aru.user_id = NEW.id
    ) THEN
    insert into acl_roles_users
    select uuid(), acl_roles.id, NEW.id,
    current_timestamp, 0 from acl_roles where name = ‘Default’ and deleted = 0 limit 1;
    END IF;

    end;

    $$
    delimiter ;

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s