espoCRM customization: allow non-sysadmin user edit users data

problem: be default, espoCRM only expose users data to users with sysadmin role. in role access management, user entity is not in the manage entity list.


1. override acl of user entity at custom/Espo/Custom/Resources/metadata/scopes/User.json. add edit in aclActionList, add “team”, “all” in aclActionLevelListMap.

    "aclActionList": ["read", "edit"],
    "aclActionLevelListMap": {
        "edit": ["own", "no", "team", "all"]

2. override acl user.php at custom/Espo/Custom/Acl/User.php. ensure to remove or change line of

        if (!$user->isAdmin()) {
            if ($user->id !== $entity->id) {
                return false; // change this logic

ref: how to 

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s