SageCRM 2020 R1: Fixing Favourites Error: “Please Contact your system administrator” Part 3

However, We can get a broader view of the Field Security permissions by viewing the FieldSecurity table:

In the FieldSecurity table there are a few columns to note:

  • FdSe_SecType
  • FdSe_RecordID
  • FdSe_Permissions

The field FdSE_SecType indicates the security type of the permission.

FdSE_SecType = 1 indicates that the security type is at the User level.

If this is the case then the field FdSE_RecordID will indicate the UserId of the User being restricted.

This query can be used to find the field level securities at the user level:

select * from FieldSecurity where FdSe_sectype = 1 and FdSE_recordID = <UserID>

 

FdSE_SecType = 2 indicates that the security type is at the Team level.

If this is the case then the field FdSE_RecordID will indicate the team id.

The team id is from the Channel table. The Table relationship is User.User_PrimaryChannelId = Channel.Chan_ChannelId

This query can be used to find the field level securities at the team level:

select * from FieldSecurity where FdSe_sectype = 2 and FdSE_recordID = (select User_PrimaryChannelId from users where User_UserId = <UserId>)

 

FdSE_SecType = 3 indicates that the security type is at the Security Profile level.

If this is the case then the field FdSE_RecordID will indicate the security Profile id.

The security Profile id is from the TerritoryProfiles table. The Table relationship is User. User_TerritoryProfile = TerritoryProfiles.TPro_ProfileID

This query can be used to find the field level securities at the Security Profile level:

select * from FieldSecurity where FdSe_sectype = 3 and FdSE_recordID = (select User_TerritoryProfile from users where User_UserId = <UserID>)

 

The FdSe_Permissions column indicates what security level is being applied:

FdSe_Permissions = 5 indicates Read Access is Allowed and Write access is Allowed and that the field is not required.

FdSe_Permissions = 21 indicates Read Access is Allowed and Write access is Allowed and that the field is required.

FdSe_Permissions = 10 indicates Read Access is Denied and Write access is denied and that the field is not required.

FdSe_Permissions = 9 indicates Read Access is Allowed and Write access is denied and that the field is not required.

 

With this information we can determine if a permission is restricting a user, team or profile.

If the Permission column is set to either 9 or 10 then it is being restricted.

Anonymous