We're updating the issue view to help you get more done. 

Datamanager Admin Permissions to select data in ajax requests form controls

Description

I need to block access to the Data manager UI for some admin users. However, those users should still be able to use other parts of the admin, including selecting data from various dropdowns.
Use case: Meeting types defined in Data manager, Meetings defined in custom UI. The user needs to be able to create a meeting and select a meeting type there - but not have access to the Datamanager listing.

I thought it should be possible with using presideobject.* and datamanager.read permissions.
However, this is not sufficient (getting access denied on the ajax requests). It only works if also having 'datamanager.navigate'. This is due to some additional stuff done in the general DataManager 'preHandler' method ('_loadCommonVariables' seems to check for the 'navigate' permission).

I wonder if other things in the `preHandler` method are not needed as well, e.g. if I understand it correct, it will also load the common breadcrumbs and top right buttons in case of a call of `getObjectRecordsForAjaxSelectControl` - which seems superfluous if this is the case.

Environment

Status

Assignee

Nelson Chuah

Reporter

Jan Jannek

Accepted

Yes

Fix versions

Affects versions

10.9.0

Priority

High