Question

Adding a new role throws up permission errors in other modules

1

We've been having this problem for a while. Added a new module to my project and a new role within this project. Added the same role to the top level project security and connected them together. As soon as I do this the modeller throws 218 permission errors saying that my new role needs read access to a load of entity attributes that it will never, ever use. The permission errors are across multiple modules. When I right click on an error and do "show details" I get a popup that says "path to page" but I don't know if this is of any use in fixing the problem. Can anyone shed any light on how to resolve this? It's very time consuming and makes a mockery of the project security.

asked 2017-09-15

Mark Perry

1 answers

Dennis Kho · Answer 1 · 2017-09-15

Most often this comes down to how your layout is setup and which homepages you've set up for your userroles.

Some examples:

On layout level it could be the case that you always show a widget, that invokes a microflow which originates from module X, while your userrole has been setup to see only module Y.
It could be the case that the default homepage has (for example) several datagrids holding data from various modules your new userrole doesn't have access to.

One of the things that pops up in your errors is that you use the deeplink module in (by the looks of it) an anonymous access type of setting. What I see next is that there are microflows in module Account, which refer to subflows from the Service_EBilling module. Since that submicroflow is being triggered, you need access to that module, because the submicroflow probably does some stuff with entities related to that module.