CRM module: users see all Customers regarding of Mailbox permission

Question

CRM module: users see all Customers regarding of Mailbox permission

Closed this issue 3 months ago · 2 comments

We have multiple mailboxes and the CRM module.
A non-admin user can see all customers at this page:
/search?mode=customers&xs_crm=1
Even customers from Mailboxes that has no access to.

The impact is that users can see customers details they are not supposed to get access to.

PHP version: 8.1.28
FreeScout version: 1.8.143
Database: MySQL
Are you using CloudFlare: No
Are you using non-official modules: No

Answer 1 · 2024-06-17T16:43:14.000Z

See https://github.com/freescout-help-desk/freescout/wiki/FAQ#is-it-possible-to-have-separate-contactscustomers-per-mailbox

Answer 2 · 2024-09-16T10:16:33.000Z

+1 for this request