How to configure Group Members (sys_user_grmember) edit capability, so that only the Group Manager is able to Edit the Groups so as to Add/Remove members from Group - Support and Troubleshooting

How to configure Group Members (sys_user_grmember) edit capability, so that only the Group Manager is able to Edit the Groups so as to Add/Remove members from Group Issue  This article demonstrates how to configure Group Members (sys_user_grmember) edit capability, so that only the Group Manager is able to edit (as in add/remove) members from the group.

Release All releases

Resolution Please keep in mind that this article falls beyond the scope of support as it is a customized implementation. Below are just suggestions for reference which we have provided here to help solve similar issues.

Create (or modify) the three record ACLs for table sys_user_grmember as per below:

1.1 Configure a READ ACL for sys_user_grmember table 1.2 Configure a WRITE ACL for sys_user_grmember table 1.3 Configure a DELETE ACL for sys_user_grmember

2. All above ACLs can have the same script code as per below: var answer = false; if( (gs.hasRole('user_admin')) || (current.group.manager == gs.getUserID() ) ) { answer = true; } 3. Configure a CREATE ACL for sys_user_grmember , since adding group member involves the many to many relationship on the saved record when using slushbucket.

Below is the code suggestion to make the CREATE ACL work: var answer = validate(); function validate(){ if( gs.hasRole('user_admin') ) { return true; } else{ var manager = current.group.manager; if(manager !='' && manager == gs.getUserID()) { //check in current relationship return true; } else { //check in parent relationship var parentManager = parent.manager; var parentName = parent.name; if(parentManager == gs.getUserID() ) { return true; } } } }