Role Permissions Manager

By ERPNext Administrator on October 15, 2024
Expert

Permission to different documents can be controlled using Role Based Permissions.


ERPNext has a role-based permission system. It means that you can assign Roles to Users, and Permissions can be set on Roles. The Role Permissions Manager allows you to set which roles can access which documents and with what permissions (read, write, submit, etc.).


Once roles are assigned to a user, their access can be limited to specific documents. The permission structure allows you to define different permission rules for different fields using a concept called Permission Level of a field.


To start using the Role Permission Manager, go to:

Home > Users > Role Permissions Manager



Document Type : The type of document for which you want to set permissions.

Roles: As we saw earlier, Users are assigned Roles and it is on these Roles that permission rules are applied. For example, a sales user may be given the roles of an Employee and a Sales User.

Permission Levels (0-9):

1. Permissions at level 0 are Document Level permissions, i.e. they are primary for access to the document.

2. If a Role does not have access at Level 0, then higher levels are meaningless.

3. Permissions at higher levels are Field Level permissions. All Fields have a Permission Level set against them and the rules defined at that permissions apply to the field. This is useful in case you want to hide or make certain field read-only for certain Roles.

4. You can use Customize Form to set levels on fields. Setup > Customize Form

Permissions :

1. User Permissions are used to limit users to specific records. Setup > User Permissions

2. Select Document Types to set which User Permissions are used to limit access.

3. Once you have set this, the users will only be able access documents (eg. Blog Post) where the link exists (eg. Blogger).

4. Apart from System Manager, roles with Set User Permissions right can set permissions for other users for that Document Type.




You can also set permissions for specific fields. For example, the 'Estimated Cost' field should be visible only to the project manager.

You can use the Customize Form feature to set field-level permissions. Go to Setup > Customize Form.


First, you need to create a new permission level for Project Manager, as shown in the screenshot for Level 2, or another level as needed.



Then, in the 'Estimated Cost' field of the Customize Form for the Project form, set the permission level to '2.'

This will make the 'Estimated Cost' field available only to the Project Manager role.




Employee view



Project Manager view





More articles on User Guide for System Admin

More articles on User Guide for System Admin
Comments

No comments yet. Start a new discussion.

Add Comment