How can I restrict access to content to a specific user/group in Senaite 2?

Hi guys,

How can i restrict access to content to a specific user group in Senaite 2? For example, I want to remove the contact menu from the navigation when the user group is Analyst? Can I do that from zope 4 interface?

I want also to hide a field for a specific user. It鈥檚 a sample that I鈥檝e created for a client. When the user log in as a client, he is able to use the search field in Analysis Profiles to add another one. So, I want to hide this search field. How can I do?

You can change the content_type actions in the setuphandlers: senaite.health/setuphandlers.py at 1.x 路 senaite/senaite.health 路 GitHub

And to modify a field visibility, you may get some info here: senaite.core/widgetvisibility.py at 2.x 路 senaite/senaite.core 路 GitHub

1 Like

Thank you for answer :slight_smile:

I use senaite.lims 2.0.0.rc2 and the file is different for this one

Hi Elinah,

you can change the visibility of a view directly from ZMI, but based on permissions, not roles. For instance, to make the 鈥淐ontacts鈥 tab from 鈥淐lient鈥 content type visible to users with a given permission, login as admin and:

  1. Go to http://localhost:8080/senaite/portal_types/Client/manage_editActionsForm
  2. Look for the desired action 鈥淐ontacts鈥 in this case

Note the field 鈥淧ermission鈥, where you can explicitly type the permission ID required. System will render the view only if the current user has that permission granted. However, Analyst has the permission 鈥淰iew鈥 granted by default. Changing the permission schema is not easy stuff and requires the overriding of the permissions mapping at workflow level. Therefore, I suggest you to use the 鈥淐ondition鈥 field and check there if current user has any of the roles 鈥淟abManager鈥, 鈥淟abClerk鈥 or 鈥淐lient鈥

Alternatively, if you don鈥檛 want to deal with the 鈥淐ondition鈥 field, just set 鈥渟enaite.core: Field: Edit Contact鈥 for 鈥淧ermission鈥 field

Thank you very much, it works perfectly :slight_smile: