Datamanager Admin Permissions to select data in ajax requests form controls


I need to block access to the Data manager UI for some admin users. However, those users should still be able to use other parts of the admin, including selecting data from various dropdowns.
Use case: Meeting types defined in Data manager, Meetings defined in custom UI. The user needs to be able to create a meeting and select a meeting type there - but not have access to the Datamanager listing.

I thought it should be possible with using presideobject.* and permissions.
However, this is not sufficient (getting access denied on the ajax requests). It only works if also having 'datamanager.navigate'. This is due to some additional stuff done in the general DataManager 'preHandler' method ('_loadCommonVariables' seems to check for the 'navigate' permission).

I wonder if other things in the `preHandler` method are not needed as well, e.g. if I understand it correct, it will also load the common breadcrumbs and top right buttons in case of a call of `getObjectRecordsForAjaxSelectControl` - which seems superfluous if this is the case.




Dominic Watson
May 3, 2018, 1:47 PM

Will be released in next 10.9.0 snapshot (10.9.0-snapshot117)

Dominic Watson
May 3, 2018, 1:46 PM

Awesome, thanks Nelson

Nelson Chuah
May 3, 2018, 10:19 AM

Hi Dom,

PR created for this

Thank you

Dominic Watson
May 2, 2018, 8:39 AM

If making a feature branch - branch FROM 10.9 and target coming back to 10.9.



Nelson Chuah


Jan Jannek