Sugar Developer Guide Version 5.1

ACL

ACLs, or Access Control Lists, are used to restrict access to Sugar modules, and the data and actions available (e.g., “Delete” and “Save”) to users within Sugar modules. ACLs are defined in the Roles area of Sugar Admin. Sugar Professional and Enterprise Editions restrict user access down to specific fields.

You can check whether the current user has access to a particular action using the following code:

if (ACLController::checkAccess($category, $action, $is_owner, $type)) {

// your code here

}

 

Where the parameters mean the following:

•	$category = this corresponds to the module directory where the bean resides. For example: Accounts

•	$action – the action you want to check against. For example: edit. These correspond to actions in acl_actions table as well as actions performed by the user within the application.

•	$is_owner – whether or not the owner of the record attempting an action. Defaults to false. This only comes into play when the access level = ALLOW_OWNER

•	$type = this defaults to ‘module’ and for all intents and purposes a developer does not need to pass this in or can pass in ‘module’. This would only be used for special purposes to allow for additional out of the box access levels.

See the ‘Roles’ feature in the Sugar Installation and Administration Guide for the list of actions and their possible values.