Details
-
Type:
Improvement
-
Status: Done/Fixed
-
Priority:
Trivial
-
Resolution: Fixed/Completed
-
Affects Version/s: 4.3.4
-
Fix Version/s: 4.4.0
-
Component/s: None
-
Labels:None
Description
The current help text in the "Access Control" area is:
"Use Drupal Access Control to manage basic access to CiviCRM components and menu items. Use CiviCRM ACLs to control access to specific CiviCRM contact groups. You can also configure ACLs to grant or deny access to specific Profiles, and/or Custom Data Fields."
From this, it isn't clear that the ACLs you create in CiviCRM override the associated CMS permission, and that ACLs don't technically deny anything. Could I suggest something along the lines of:
"Use Drupal Access Control to manage basic access to CiviCRM components and menu items. Use CiviCRM ACLs to control access to specific CiviCRM contact groups. You can also configure ACLs to grant access to specific Profiles, and/or Custom Data Fields.
Note that ACLs only work when they override a Drupal permission. If you wish to use ACLs, first disable the Drupal permission to view/edit/delete contacts for a Drupal user role, and then gradually add ACLs to replace that permission for certain groups of contacts."
This my understanding of ACLs. I've never actively used this feature, so if I'm wrong, please correct me; I re-wrote the book chapter last year, so it's important this be corrected. I should make this clearer in the book.
Thanks