Your software
My Mautic version is: 4.1.2
My PHP version is: Php 7.4
My Database type and version is: mysql Ver 14.14 Distrib 5.7.27-30,
Your problem
My problem is: Not able to restrict users to export contact from mautic.
I have multiple user in mautic account. I have created role, But did not find any permission where I can stop a user to export contact in Excel and csv.
How can I restrict my user to export contacts ?
These errors are showing in the log: no
Steps I have tried to fix the problem:
I have tried to create Roles with Multiple options.
From a program design point of view I donât see a point in allowing to view but not to export.
If you can view something you can export as well (worst case by using a little code.)
After reading this it occurred to me that it might be useful to be able to restrict the export options - especially if youâre using Mautic as a CRM and have a sales / support team interacting with it.
I wouldnât want sales team members exporting records of any kind (theirs or not) if they decided to leave the company. Just part of maintaining the funnel of opportunities.
I did try this myself in 4.2 and found the same thing you reported.
The problem is: if you view the contact, you can export the contact. Maybe not with the export button, but many other ways. (Chrome plugin, etc)
If you want to restrict, then restrict view as well.
@joeyk - I understand your point completely. Sure things can be scraped, etc. But that being the case, not all users are equal in knowledge or skill.
I can see how not allowing exports may help to prevent / protect data from taking a walk.
For example, lets consider this case of a sales team.
I hire an employee who works sales for 1 year. They are paid a weekly salary to make contacts, put them into mautic and nurture the relationship into a sale. This is accomplished partially through the sales representative and partially through mautics automation (email, dwc etc).
Because sales is typically a high turnover job, I dont want the person to leave with all of the leads I paid them to cultivate for that year. So I want to prevent them from being able to âeasilyâ export all of the contacts.
Sure they will know some of them right of the top of their head, sure they could scrape them one by one, or write them down one by one and take them to a new sales job for a competitor - but I dont want to make it as easy as Export Contacts so that they can easily just take the book of leads and leave.
Plus some roles (like customer service roles) should be able to only view a contact and not be able to export them. They just touch the data as necessary - they arent responsible for its cultivation or management.
I think there is a good use case for extending the Roles form and permissions system to allow data exports to be restricted.
@ricksimnett You are correct. We recently thought and tried to use mautic as CRM.
and have 16users. Now I have 2 problems
If i give the permission to user, to view all his own and otherâs contact. Employee can export all contacts easily. That is good, and data can be stolen.
and if I give the permission to a user to view his own contact, then while adding a new contact user donât know which contact is already there in Mautic. because he is not able search in all contacts.
And it creates a duplicate record. It should be fixed.
Mautic should show a message that âcontact already existâ if primary key âemail addressâ is added by user again.
@ricksimnett You put it and explained perfectly.
Leads from Mautic should not be allowed to export so easily for employee.
and coping lead one by one will be hard. And scraping is not easy, require skill.
Mautic can be easy used as CRM for most of the use cases with some field modifications. Because mautic is powerful in sending email and tracking contact footprints.
The progress can see in the github repo.
A bit help: programmers rarely participate here in forums, it makes sense to post your repo related questions in the Github repo.
