Hi everyone,
It's generally expected that only list admins can provision list items and dashboard administrators can create list items. Until now though, these could be accomplished using the APIs bypassing security checks. In the current release we have locked this down and now provisioning of the following items are affected:
List Agent: the user is required to have either AdminAll or AdminLists functional rights.
SaveTaskMenu
DeleteTaskMenu
DeleteAppTaskMenus
SaveWebPanelEntity
DeleteWebPanel
DeleteAppWebPanelsDash Agent: the user is required to have either General Administrator, Dashboard Administrator or a System User.
GetDashAsync
SaveDashTileAsync
DeleteDashTileAsync
SaveDashTilesAsync
Only admins should have been performing these operations, so you really shouldn't notice. 😊
Best regards
21 Oct 2025 | 01:24 PM
All Replies (1)
Incoming change in SuperOffice CRM 11.13
List Agent: the user is required to have either AdminAll, AdminLists or CSSystem functional rights.
UpdateCategoryMemberships
Dash Agent: the user now must have the appropriate rights
SaveDashTileDefinition (Insert, Update)
DeleteDashTileDefinition (Update, Delete)
DeleteDashTileDefinition (Update, Delete)
GetDashTileHtml (Read)
GetDashTileHtmlList (Read)
SaveDashTileHtmlList (Insert, Update)
22 Apr 2026 | 12:26 PM
Add reply
info
Please log in to post a reply.