“I didn’t edit that”

Written By Allen Shaw

I don’t know how that could have been changed. I didn’t edit that at all. So weird!

— from a client who was struggling with problems stemming from a required custom field in CiviCRM (edited for brevity)

Every now and then, I’ll hear this kind of thing from a client: some configuration changed, and nobody knows why. It’s pretty surprising, to say the least.

So what’s going on here? Who’s changing the settings? And how can we limit this kind of “mystery configuration change?”

I should mention that, when addressing this kind of mystery, I’ve never seen any evidence that some bug in CivCRM (or related software) is actually changing the settings on its own. That would be a serious concern, and it’s tempting to lay the blame there. But I’ve seen no evidence pointing that way.

Instead, this can usually be attributed to a simple explanation:

  • Simple human error: someone checked a box without realizing it.

  • Multiple admins: some other staff member with administrative privileges made this change intentionally, not realizing that it could cause problems.

Usually it’s enough to simply correct the configuration.

But there are ways to limit the chance of this happening, and the most straightforward is this:

Be strict about who gets administrative access:

  • Define (and document) a reasonable collection of user roles, each with appropriate permisisons, and assign the appropriate role to each user.

  • Ensure each user is fully trained on, and responsible for, the features that they have access to.

  • Naturally, this means only a very few users (probably just one or two) will have full administrative access to your site configurations and data.

And, if “mystery configuration changes” are happening on your site, there’s also a way to identify “who made what change”:

Enable CiviCRM’s “Logging” feature (at Administer > System Settings > Misc (Undelete, PDFs, Limits, Logging, etc.) ):

This will allow someone with the right skills (probably a developer, because CiviCRM doesn’t make these logs available in its administrative interface) to examine the logged data and identify who made the change, and when they made it.

Keep in mind, that logging can slow down a site that sees a lot of CRM data changes, so you may not want to enable it withat careful consideration.

But if “mystery changes” of any kind — whether it’s constituent data or system configs — this kind of logging can help you get to the bottom of it. (I’ve used it several times this year to help my clients understand “who’s changing what.”)

All the best,
A.

Allen Shaw
Next

You can but you shouldn’t: required Custom Fields