How to setup BrowserCRM so that regardless of who writes/receives emails to/from a customer, everyone can see (at least) those emails, not only the person that sent/received it.
This setting should be overwritten by the permissions on the Customer/person. For example, if a contact can be viewed by everyone, then everyone should be able to see the emails to/from the customer even though only I have sent/received them.
a) This would present a potential security problem. In order to see your private emails, all a user would have to do is create a Contact (perhaps that only they can see), and give that contact your private email address. BrowserCRM permissions for emails take precedence over the permissions for the contact in order to prevent this scenario.
I suggest you look at the Message permissions for the incoming and outgoing email accounts. It is these settings that define whether a given user can read the emails - whether linked to a contact or not.
For existing messages, you can Bulk Edit them to change permissions.
2) Conversely, if I set a customer to be viewable by admin only, others should not see that customer at all.
a) If you set the view, edit, owner and admin permissions to '[Admin]', then only the Admin user will be able to see that contact. If a user has edit, owner, or admin permissions to an item, they will also be able to view that item.
The same with files: all files relating to a customer should be seen by everyone irrespective of who uploaded them.
Correct. If a user can view the Contact, they can view Files attached to that contect.
See also: 'Settings', 'General Preferences' (to edit your preferences), or 'Set Default Preferences' (to edit default preferences with the option to override for existing users)
In the 'Admin' tab, there are preferences for: Default view group: Default edit group: Default assigned to group: Default owner group: Default admin group: Default personal view group: Default personal edit group: Default personal assigned to group: Default personal owner group: Default personal admin group: Default public view group: Default public edit group: Default public assigned to group: Default public owner group: Default public admin group:
These are the preferences used by the radio buttons on an item edit page: Permissions Default, Personal, Public
Q: We created two mail accounts then set all of the permissions to that of the user. We could no longer “find” these accounts. Is there a master place where one can see all of the send and receive accounts?
A: When creating mail accounts there are 8 permissions fields:
- view, edit, owner, and admin permissions for the messages.
- view, edit, owner, admin for the account itself.
If you have set all 8 permissions to an individual users personal group, eg [Username], only that user will be able to see the account and the messages that come in.
A better approach would be to set the 'Admin' group (for the account), and 'Messages admin') for the messages) to either '[Admin]' (the Admin user) or 'Administrators'. In this way, when you log in as the Admin user, you can see all accounts and messages. If you dont want to see these accounts/messages every time you log in, then dont use the Admin user as an everyday login. If you have set these Admin groups set to 'Administrators', make sure your every day user is not a member of the Administrators group.
To deal with the situation you find yourself in now… log in as the Admin user, and add the Admin user to the relevant users personal groups. You will then be able to edit Mail account settings for these users private mail accounts.
- Click 'Settings' - Click 'Group lists and module permissions' Find the users private group you want to add the Admin user to. - Click 'Edit Members' Find the Admin user row. The 'In Group?' column should say 'No'. (Only the actual user should be a memebr of this group). - Click the 'No' link. The page reloads with 'No' replaced with 'Yes'.
The Admin user will need to login again for these changes to take effect.
I recommend you correct the mail account settings, then remove the Admin user from the other users personal groups.
To help prevent this situation from occuring in future, edit the default user preferences for all users so that the admin permissions are always set to 'Administrators' or '[Admin]'.
- Log in as an Administrator. - Click 'Settings' - Click 'Set Default Preferences' from the 'User Admin' row. - Edit the: 'Default admin group' 'Default personal admin group' (optional) 'Default public admin group' Set to 'Administrators'. Check both boxes next to these preferences ('Override current preference for all users', 'Block users altering preference') - Click 'Submit'. Now when users create new items, the admin permissions will be set to 'Administrators', ensuring that all Administrators have full access to the item.
Users may need to login in again for these changes to take affect.