How to restrict users to export contact from mautic

Your software
My Mautic version is: 4.1.2
My PHP version is: Php 7.4
My Database type and version is: mysql Ver 14.14 Distrib 5.7.27-30,

Your problem
My problem is: Not able to restrict users to export contact from mautic.

I have multiple user in mautic account. I have created role, But did not find any permission where I can stop a user to export contact in Excel and csv.
How can I restrict my user to export contacts ?

These errors are showing in the log: no

Steps I have tried to fix the problem:
I have tried to create Roles with Multiple options.

mautic

Hi,. have you tested if restricted users can maybe only export their own contacts?

Hi @joeyk
If i have allowed user to view all contact, Then the user can export all contact.

And if user is allowed to view his own contact, in that case user export his own contact only.

But i want user to view his own and others contact both. But don’t allow him to export.
I did not find this solution.

From a program design point of view I don’t see a point in allowing to view but not to export.
If you can view something you can export as well (worst case by using a little code.)

Joey

Hi Sonu,

Can you explain your use case to me?

After reading this it occurred to me that it might be useful to be able to restrict the export options - especially if you’re using Mautic as a CRM and have a sales / support team interacting with it.

I wouldn’t want sales team members exporting records of any kind (theirs or not) if they decided to leave the company. Just part of maintaining the funnel of opportunities.

I did try this myself in 4.2 and found the same thing you reported.

Thanks,
Rick

The problem is: if you view the contact, you can export the contact. Maybe not with the export button, but many other ways. (Chrome plugin, etc)
If you want to restrict, then restrict view as well.

@joeyk - I understand your point completely. Sure things can be scraped, etc. But that being the case, not all users are equal in knowledge or skill.

I can see how not allowing exports may help to prevent / protect data from taking a walk.

For example, lets consider this case of a sales team.

I hire an employee who works sales for 1 year. They are paid a weekly salary to make contacts, put them into mautic and nurture the relationship into a sale. This is accomplished partially through the sales representative and partially through mautics automation (email, dwc etc).

Because sales is typically a high turnover job, I dont want the person to leave with all of the leads I paid them to cultivate for that year. So I want to prevent them from being able to “easily” export all of the contacts.

Sure they will know some of them right of the top of their head, sure they could scrape them one by one, or write them down one by one and take them to a new sales job for a competitor - but I dont want to make it as easy as Export Contacts so that they can easily just take the book of leads and leave.

Plus some roles (like customer service roles) should be able to only view a contact and not be able to export them. They just touch the data as necessary - they arent responsible for its cultivation or management.

I think there is a good use case for extending the Roles form and permissions system to allow data exports to be restricted.

Hey folks

Please review and test this PR:

It would have been merged sooner but we have not had enough testers. Testing is well documented here:

1 Like

Yeah, that PR is great, I hope you can test it out.
I can see the use case here, just wanted to draw the attention to the limitations.
Joey

Ill check it out and test this PR.

@ricksimnett You are correct. We recently thought and tried to use mautic as CRM.
and have 16users. Now I have 2 problems

  1. If i give the permission to user, to view all his own and other’s contact. Employee can export all contacts easily. That is good, and data can be stolen.
  2. and if I give the permission to a user to view his own contact, then while adding a new contact user don’t know which contact is already there in Mautic. because he is not able search in all contacts.
    And it creates a duplicate record. It should be fixed.
    Mautic should show a message that “contact already exist” if primary key “email address” is added by user again.

@ricksimnett You put it and explained perfectly.
Leads from Mautic should not be allowed to export so easily for employee.

and coping lead one by one will be hard. And scraping is not easy, require skill.

Mautic can be easy used as CRM for most of the use cases with some field modifications. Because mautic is powerful in sending email and tracking contact footprints.