Review of extension Relationship Permissions as ACLs

Publicado
2014-02-05 10:12
Written by
ErikHommel - member of the CiviCRM community - view blog guidelines

We are reviewing the extension Relationship Permissions as ACLs, which has been made available by Eileen McNaughton from Fuzion (http://fuzion.co.nz/). Kudos to Eileen and Fuzion for sharing the extension!

What does it do

The extension sets permissions for contacts based on the relations permission.It is a bit complicated......did we get it correctly Eileen?

When you want be able to have the permissions on relationship going one level further then the standard CiviCRM level.
This extension is useful in the following example where you have the following contacts:

Bookshop (Local department)

  • Johnson – Manager of local department, a permission relationship for Johnson to the bookshop (Johnson is allowed to view and edit the bookshop)
     
  • Betty – Volunteer at the local department, a permission relationship for the bookhsop to the volunteer (the bookshop is allowed to view and edit Betty)
     
  • Joe – Another volunteer at the local department, a permission relationship for the bookshop to the volunteer (the bookshop is allowed to view and edit Joe)
     

All persons have a relationship with a local department. But when Johnson logs into CiviCRM he is only allowed to see and edit the bookshop. This is standard CiviCRM behavior. What we want is that he will also see and is allowed to edit the volunteer. We can achieve that by using this extension. Because this exentions gives Johnson the same permissions to contacts as the bookshop has. (or all contacts which he is related to with permissions to view and edit).

Documentation ***

Three out of 5 stars. The documentation on the extensions page is there, and explains what it does in broad strokes. From our point of view a little example would have been nice so the not-so-experienced CiviCRM user also understands what it is going to do as it can be really useful! And perhaps a little technical documentation would help also.

Functionality *****

Although the functionality of this extension might not be applicable to every CiviCRM customer, it is pretty vital and really cool if you are in a situation where you need someone to be able to access all contacts of an organization. So full marks here!

Code****

The code is structured and follows the CiviCRM standards. The only comment we could find that it looks as if a table is created for every user in the database? Perhaps it is also possible to have one generic table and use views?

Ease of Use *****

The extension can be downloaded, functions straightaway and as could be expected. Full marks.

Overall ****

Our verdict (for what it is worth) is that this is a well produced and extremely useful extension. We feel anyone who contributes an extension deserves applause and beers, we think Eileen deserves an additional warm beer (or f.. w...?) for this extension!

 

Jaap and Erik (http://www.civicoop.org)

 

Filed under

Comments

But it will probably be in the github version - which won't be downloadable because it has a dependency (entity_setting extension). The github version allows you to specify some relationship types will always be permissioned (but it's done in a pre hook & doesn't have pretty js on the UI page to make it clear what is happening)

See, Eileen shares and does a nice work and you are threating her with a warm beer.

What's next Erik? Salty licorice?

Nice to do these presentations and testing of extensions. Keep the good work!

 

Thanks very much for starting to write these reviews! Good criteria at first glance. Might be nice to have some Drupal tough love on our extension code. Must be scary to have it all done so publicly without an opportunity to fix things!

Thanks for the module Eileen. Wish I'd had it a few years ago.

Joe we had a bit of a discussion about the whole public review thing. I'm still thinking about what & when to publish & whether it should be based on code state or on whether the code has a sponsor. My current thinking is to publish everything as beta & only upgrade those things that have a sponsor to being publicly downloadable. This one has been out there for a while though.

At the moment most of my extensions are dependent on the entity setting extension - so that is a blocker to making them downloadable too.

I do need to go through the stuff I have on the go though & at least publish it as far as a beta state onto the directory.

 

Obviously a key risk is the ever-present threat of warm beer

Just wanted to say great review.  I understand the potential for end user confusion as I first thought this extension provided full transitive relationships rights all the way down the tree and not just one step.  I can't thank Eileen enough for this extension as it is invaluable to me as it allows members to manage their own organizations along with a nice webform integration (thanks to Coleman for that one as well) to add new members to their organization.  For large organizations that need to keep an online directory up to date this has saved hundreds of man hours in the first year alone.

Side Note:  Are we pinning these reviews to the extension pages themselves?  Might consider that as the blog is great for posting but long term makes sense to attach to the extension pages themselves.  Would be very useful for the end users.

Eileen: You can always publish the dependent extensions as Drupal modules if you wish :)

I don't think I have permission to add/modify the content types of the Civi website but I will ask Dave about expanding for comments or something like that.