Overview
ACLs and restricting access.
Access Control Lists
ACLs or Access Control Lists, are used to restrict access to modules, data and actions available to users within Sugar. ACLs are defined in the Roles module which can be found in the Admin section. ACLs are not available in the Community Edition of Sugar.
Checking Access
You can verify role access to content by using the checkAccess() method found in the ACLController.
Parameters
- $category : Corresponds to the module directory where the bean resides. For example: Accounts.
- $action : The action you want to check against. For example, Edit. These actions correspond to actions in the acl_actions table as well as actions performed by the user within the application.
- $is_owner : verifies if the owner of the record is attempting an action. Defaults to false. This is relevant when the access level = ALLOW_OWNER.
- $type : Defaults to "module".
Example
if (ACLController::checkAccess($category, $action, $is_owner, $type))
{
//Code
}
See the Roles section in the Sugar Application Guide for a list of actions and their possible values.
