08-19-2009 11:17 AM
08-19-2009 11:34 AM - edited 08-19-2009 11:37 AM
Access level is contact based. This will have to be submitted as a feature request.
08-22-2009 09:04 AM
If you are referring to the Notes/Histories/Emails for User records, I have a plugin that makes all sub-items Private when only linked to user records... it leaves them open when linked to other contacts
Would that help?
08-24-2009 04:04 AM
08-27-2009 02:27 AM
08-27-2009 03:05 AM
That sounds like a great tool. How does it work, how much, how do I get it, etc.?? Thanks, Brenda
It's a little plugin in the Plugins folder. Set and forget
We charge a fee for the site, depending on number of users
Contact me via email for prices
If you don't have my email, send via: http://www.glcomputing.com.au/contact.php
08-27-2009 04:03 AM
This is a significant failing in the Access Control List (ACL) design of ACT! and limits the products acceptance. We always advise users of this 'feature' in ACT! user training classes. In my view it is the # 1 thing that needs fixing . I strongly disagree David, it cannot be passed off as if it were a yet to be provided feature. It is a serious ACL design flaw that affects the products acceptance and undermines ACT! as a trusted information store in a workgroup setting.
Now ACLs are in Opportunities (2010), might be something looked at for other sub-items... although would need a few controls to automate as users would want to take them time to set access on every note/history
Our plugin could be modified with any specific rules... but only Private/Public are options right now.
From a security point of view, I'd like to see user records able to be Private/Limited Access (with Admins and Managers always having access)
08-27-2009 11:19 AM
It's helpful if a plugin can go some way towards alleviating the problem but it is a stopgap measure. People need at least to be aware that user records (My Records) are mandatory Public and all the correspondence contained within them, by default, Public. Making items Private locks the door to that item to all but the Record Manager. It solves the problem of unconscious attachment of confidential items to public records and the ensuing embarrassment but is counter to a structure of controlled collaboration that a sound access control policy provides for.
A guideline for practical control to document access, email etc should be the 'paper office' equivalent of a filing cabinet that management hold the keys for, passing a key to trusted individuals or a senior management team. Inherent in the paper office equivalent is the capability to also withdraw the rights without having to rebuild the office! If you like a practical and managed Team Privacy.
To introduce these changes is complex and expensive to introduce retrospectively in an upgrade. I would think that a structured migration process would need to be designed to deal with the complexity of moving older databases to a more granulated advanced Access Control List (ACL). Not only does the process need to be faultless, business/database owners would need to be educated in the change and make business decisions on how they are going to implement the new ACL. That precious commodity is being asked of clients..."Stop, Listen, Understand, Plan, Proceed"....SLUPP is often in short supply these days...:-)
The problem for Sage ACT!, the company, is the short version life cycle. Upgrades are too frequent. Upgrade release is dictated by marketing and upgrade cycles need to be longer, NOT every 12 months. Changing the ACL so radically and making it work retrospectively for existing databases would be a huge call on development resources. It would need to be thoroughly tested so as to avoid major problems for existing databases and the bad press that would potentially generate. Many marketing people within the business wouldn't see it as a sexy new feature...It's hard to sell a patch. However enlightened management hopefully would see it as a step to retain customers and indicate to the marketplace that ACT! is a serious contender and looks after it's install base of loyal followers.
Bottom line....It needs to be done, putting it off just extends the problem. Please do it.