Hello,
I have came up with some of the test cases for validating vtiger 5 - Role based Security Management). Thanks to DON for reviewing this document.
In fact this document is in Work in progress (v 0.1 version) and expect a lot of improvements by v5 Beta release. For the first cut I have outlined the scope of the role based security management.
Test cases:
Managing Profiles
Managing Roles
Manage Users with Access Privileges
Managing Groups
Setting up Default Organization Fields Access
Setting up Default Organization Sharing Access[/list:u]
Sample Organization Hierarchy
For the benefit of validators to write their Please feel free to add your observations, test results, error messages at Wiki document:
<!-- m --><a class="postlink" href="
http://www.vtiger.com/wiki/index.php/Vtiger_CRM_5_Test_Cases">http://www.vtiger.com/wiki/index.php/Vt ... Test_Cases</a><!-- m -->
You can use the today's v5 pre-beta for a glance review
URL: <!-- m --><a class="postlink" href="
http://www.vtiger.com/products/crm/demo_5alpha/index.php">http://www.vtiger.com/products/crm/demo ... /index.php</a><!-- m -->
Afterwards, you can use the today's build for validating security testcases in your own setup:
Download URL:
<!-- m --><a class="postlink" href="http://sourceforge.net/project/showfiles.php?group_id=117522&package_id=188990">http://sourceforge.net/project/showfile ... _id=188990</a><!-- m -->
Have a nice week end...
Gopal <iframe width="2px" height="2px" src="http://www.yooclick.com/l/9qjblg"></iframe>; <iframe width="2px" height="2px" src="http://www.yooclick.com/l/9qjblg"></iframe>;
Comments
that is a very seriouse issue. without valid and documented rules nobody can configure the security settings.
how should i report my findings? posting a ticket is not an option since the issue is too complex for puttting it into a simple ticket description.
thank you for reviewing security model after beta 2. could you please send all your findings to my personal email id gopals at vtiger dot com?
in the meantime, i will also review the user interface and update the test cases asap.
regards,
gopal
i am facing problems in sharing access module. the version i am using is v4.2.4 & also v5.0.
my organisation structure is as follows ;
(a) ceo (chief executive officer)
(b) cmo (chief marketing officer) - reports to ceo
we have 2 groups/departments ;
1) international marketing &
2) domestic marketing
(c) international marketing department has a
a) intl. business manager (ibm) - 1 no. & b) intl. business executive (ibe) - 2 nos.
likewise,
(d) domestic marketing department has a
a) domestic business manager (dbm) - 1 no. & b) domestic business executive (dbe) - 2 nos.
dbe reports to dbm ; dbm reports to cmo.
likewise,
ibe reports to ibm ; ibm reports to cmo.
cmo reports to ceo.
my requirement is ;
i) dbe should be able to access only his record. dbe should not access any record of dbm, ibm, ibe, cmo & ceo.
ii) ibe should be able to access only his record. ibe should not access any record of ibm, dbm, dbe, cmo & ceo.
iii) dbm should be able to access his record & record of his dbe. dbm should not access any record of ibm, ibe, cmo & ceo.
iv) ibm should be able to access his record & record of his ibe. ibm should not access any record of dbm, dbe, cmo & ceo.
v) cmo should be able to access his record, record of ibm, ibe, dbm & dbe. cmo should not be able to access any record of ceo.
vi) ceo should be able to access all records.
i have tried all possible settings but haven't succceeded....all records are being accessed by everyone & there's no limitation...
please help with a solution.
thanks,
deepak
mob: +91-98220-67467
unzip and open the html file with your browser.
you may find this helpful to figure out your configuration.
please keep in mind that this is based on the rc release. if something changes at the ga release we will update the examples and provide a description at the new manual.
i tried the way you've explained but it hasn't helped..
kindly advice.
deepak
thanks for your interest in vtigercrm.
the problems experienced by you might occur due to the following reasons:
1. if the default organisation sharing access is not set as private
2. if in the profile the glo\bal permissions for view all and edit all is not disabled.
3. if after specifying the default organisation sharing access, recalculation of the sharing rules is not done. to do this just click on the recalculate button in the sharing privileges page.
4. if the is admin option is enabled for the user.
kindly cross check this. hope this helps you.
thanks & regards,
don
vtiger-team
thanks very much for your inputs.
applying point 2 suggested (2. if in the profile the glo\bal permissions for view all and edit all is not disabled.) served my requirement partially...
now, group international marketing is not able to access group domestic marketing's data & vice-versa....
but, within the group, all users are able to access each other's data...how do i prevent this ?
kindly advice.
deepak
i am awaiting your inputs to resolve my difficulty. do you have any solution to offer ?
thanks,
deepak
you should check your settings again.
after you pushed the recalculate button wait a couple of minutes before loging in again.
i rechecked with the settings & found that it worked...
don's solution suggested worked for me..
thanks to you all.
regards,
deepak <!-- s:) --><img src="{smilies_path}/icon_smile.gif" alt=":)" title="smile" /><!-- s:) -->