HI,
I’m trying to install Kreporter 3.1 in SuiteCRM 7.10 and make it work with native modules of Security Suite. I had to do some little modifications for it to work with PHP 7.3.
In addition of these little modifications, I also added some changes that I saw in this forum.
- Added "$sugar_config[‘KReports’][‘authCheck’] = ‘SecurityGroups’; " in config_override
- Added $db in the global declaration inside the display of view.edit.php
But still, when an user is creating a report of a module, it displays all the records, even those that the user don’t have access because they aren’t part of the same group.
What am I missing here?
Thanks in advance,
Alberto
Is authorization check set in Report options?
If you have a licensed KReporter then we have the integrate > Analyzer plugin. Turn it on and check if securitygroups are applied in query.
Post the query if you like.
Hi,
Thanks for your response.
We do have the “On all Nodes” options checked. And we are don’t have a licensed KReporter version.
Can we find this query activating any info log?
We realized that it filters the records by the Security Groups only when the record comes from a related module. For example, you have a report with these fields:
Contacts -> last_name
The report will show all the Contacts regardless the Security Group they are in. Even if the user don’t have access to the Contacts module.
And with a report with these fields:
Contacts -> last_name
Contacts::Calls -> subject
The report will show only the Contact records that have Call records within the same Security Group than the user, IF the module Calls has the Role column “List” set to “Group”.
Are we missing something? Is this the expected behavior?
Please advise,
Thanks
I don’t think it is expected behaviour.
KReporter 3.1 is no longer supported. So if it is a bug it won’t be fixed. If you have any php developers in your team let them habe a look at
modules/KReports/KReportQuery.php
look for securitygroup