Details

    • Documentation Required?:
      User and Admin Doc
    • Funding Source:
      Contributed Code

      Description

      Primary use case: hide some sensitive financial transactions, for example, major bequests, from staff who need to be able to see other financial transactions.

      Technical objective: create role-based permissions to enable restricting the viewing and editing of contributions and the reporting of contribution income by financial types.

      There can be several financial types associated with a contribution, e.g., different revenue accounts for each line item. For simplicity, a contribution will be viewable if all of the financial types it includes are viewable, and not viewable if any of them are not viewable. Similarly, to edit a contribution, all of the financial types associated with the contribution must be editable by the user.

      The functionality needs to be implemented in core since an extension would need to override too many files or require the creation of too many new hooks.

      Scope:

      1. Configuration Settings:

      • Enable / Disable creating Permissions for each Financial Type
      • Prevent enabling permissions for financial types that have already been used for Memberships or Participants
      • Prevent use of financial types that allow restrictions from being used for memberships or participants, either when managing pages or through backoffice create and update.
      • Enforce for API CRUD operations on Financial Types.

      2. Search

      • Exclude viewing of Search options for financial types that are not viewable by user.
      • Modify Find Contributions search to support FT permissions.
      • Modify Advanced Search to support FT permissions.
      • Modify Search Builder to support FT permissions.

      3. Reports (12 contribution reports exposed in All Reports)

      • Exclude viewing of Report options for financial types that are not viewable by user.
      • Modify Find Contributions search to support FT permissions.
      • These options result in hiding the existence of Financial Types from users who are not permissioned to view contributions that include those financial types.

      Core team agreed that automated testing for the new feature should focus on the API and CRM levels, and not on the hard-to-maintain web tests.
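
The all-or-nothing rule for contributions with several financial types, together with the filtering of search results and search options, modelled as an added example (not code from this issue or from CiviCRM). The class and method names, the sample financial types, and the deny-when-empty behaviour are assumptions made for illustration.

```python
# Added illustration of the rule in the description; names are hypothetical,
# not CiviCRM APIs.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Contribution:
    id: int
    # One financial type per line item; a contribution may mix several.
    line_item_types: tuple


@dataclass
class FinancialTypeAcl:
    viewable: set = field(default_factory=set)
    editable: set = field(default_factory=set)

    def _all_in(self, contribution, allowed):
        types = set(contribution.line_item_types)
        # Assumption: fail closed when there are no line items to check.
        return bool(types) and types <= allowed

    def can_view(self, contribution):
        # Viewable only if every financial type it includes is viewable.
        return self._all_in(contribution, self.viewable)

    def can_edit(self, contribution):
        # Editable only if every financial type it includes is editable.
        return self._all_in(contribution, self.editable)

    def filter_results(self, contributions):
        """Search/report rows: drop any contribution that has a hidden type."""
        return [c for c in contributions if self.can_view(c)]

    def search_options(self, all_types):
        """Filter choices shown to the user; restricted types never appear."""
        return sorted(set(all_types) & self.viewable)


# Constructed sample data (not from the issue).
ALL_TYPES = ["Donation", "Campaign Contribution", "Major Bequest"]
STAFF = FinancialTypeAcl(viewable={"Donation", "Campaign Contribution"},
                         editable={"Donation"})
CONTRIBUTIONS = [
    Contribution(1, ("Donation",)),
    Contribution(2, ("Donation", "Campaign Contribution")),
    Contribution(3, ("Donation", "Major Bequest")),  # mixed: one hidden type
]
```

Contribution 3 is hidden even though one of its line items is a viewable type, which is the behaviour API-level tests for this feature would need to pin down.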

        Attachments

        1. 2015-05-19_13-15-45.png
          117 kB
          Joe Murray
        2. Enable Disable FT perms.png
          41 kB
          Joe Murray
        3. Enable Disable FT perms 2.png
          17 kB
          Joe Murray
        4. FT_ACL_Enable_ContribComponentSettings.PNG
          136 kB
          David Greenberg


            People

            • Assignee:
              eileen Eileen McNaughton
              Reporter:
              joemurray Joe Murray