Allow assigning priorities to user groups

jeremy.morton 3 years ago in ADAM Core updated by Nik De Clercq 3 years ago 2

It would be nice to be able to assign a priority to each user group. This would determine which of the user group's permissions took priority over the other.

For example, currently if a user is in "Users" and "Editors", and the "Users" group denies permission to edit some read-only fields, that permission will be denied to any user in both groups even if "Editors" grants that permission because deny always takes precedence. It should be possible to set "Users" as a priority 1 group, and "Editors" as (for example) priority 5. This would mean any grant/deny permissions in "Editors" would take precedence because of the higher priority, so permission to edit the read-only fields could be granted in the "Editors" group. It would then be possible for a user to be a member of both groups, and have permission to edit the read-only fields.


Have you tried setting up your security model so you don't need a deny?

You could create a "ReadOnly" fieldgroup and only put those fields in there that you need to be read only for some users. The fields in the "ReadOnly" group shouldn't be in any other field group you put security on.

Once that's done, you grant edit permissions on the "ReadOnly" field group for the "Editors".

Doing that makes that people in the "Users" group don't have edit permissions on the "ReadOnly" fields. But the great thing is that all users in the "Editors" group will have edit permissions.

Hope this helps ;-)