Overriding an Action’s access control in Sugar 7.5

Olivier Nepomiachty —  May 13, 2015

When it comes to customization, Sugar 7 is far away the best and most flexible CRM on the market. The Sugar framework empowers the developers to make heavy modifications in the user interface (UI) without touching the core of the product.

Our customers are always coming up with interesting use cases.  One customer asked me this question.

I don’t want my end users to accidentally unlink related Contact records.  Is it possible to selectively disable the Unlink button so that only some users are allowed to use it?

The Unlink action that our customer wanted disabled.

The Unlink action that our customer wanted disabled.

There are many ways to do this but here is an easy one that allow us to manage who has access to unlink a record using Teams.  But we could just as easily adapt this technique to use a Role or some other attribute of a Sugar user to do the same thing.  Sugar’s flexibility means your imagination is the limit.

Step 1: Create the “unlink” team

First off, we will add a new team called “unlink” to the Sugar instance.  Only users who are members of this team will be able to perform an unlink action.

Log in as a Sugar Administrator, navigate to the Administration > Team Management.  Then create the team “unlink” and add the Administrator user to this team.

Step 2: Override the UnlinkAction field controller

Since we want to make this change to all uses of the UnlinkAction in all subpanels, we will override the core UnlinkAction itself instead of defining a new one and configuring it via metadata.  This is convenient since it makes our change small but could be an issue during upgrade if the base Sugar implementation of UnlinkAction changes.  In Sugar 7, each Action’s access control is implemented by the hasAccess function.

Since we want most of the UnlinkAction’s behavior to remain the same we will start by copying clients/base/fields/unlink-action/unlink-action.js to custom/clients/base/fields/unlink-action/unlink-action.js

The changed code is annotated with “Olivier – Start” and “Olivier – Stop” comments below.

The change in the hasAccess function is straightforward.  We test the user’s list of teams to see if our special “unlink” team exists.

Step 3: Test it out!

Log in as the Administrator and run a Quick Repair and Rebuild if you haven’t already and clear your browser cache for good measure.

Now, have the Administrator visit an Account record with related Contacts.  Notice that the Administrator is allowed to unlink any contact from this view.

Log in as a regular user not on the “unlink” team. Visit the same Account record as before.  Notice that this user cannot unlink any of these related Contacts.

Log in as the Administrator again and add the previous regular user to the team “unlink”.

Finally, log in as the regular user again and visit the same Account record.  Notice that the user can now unlink related Contacts.

Olivier Nepomiachty

Posts

Principal Sales Engineer & Evangelist working at SugarCRM. Dad, geek, ultrarunner and fan of the Thundermother (Swedish Metal band).

One response to Overriding an Action’s access control in Sugar 7.5

  1. 

    Great post, thanks! Just one comment though, it looks like you’re missing some curly braces on you for-loop there.