Receipts and Payment Form Default and User Security

Form Default Cashbook “Cash in Hand”

user permission Cashbook" Petty Cash"

after login
CashAccount can see only “Petty Cash”, it’s correct

New Payment, system show “cash in hand” which was not in user access

if user save that record, it saved with “Cash in Hand”
it was posted to “Cash in Hand” which didn’t have permission to current user

should not allow user to post which is not under their permission

You gave the user permission for the Receipts & Payments tab. The default payment transaction is set for the Cash in Hand account. So everything worked as it should.

You gave the user permission to view, create, update, or delete the Petty Cash account under the Cash Accounts tab. But a payment does not require doing any of those things to the cash account. That particular permission would come into play only for actions like changing the name of the account (such as to Petty Cash Box). In other words, that permission applies to the account itself, not entering transactions that post to the account.

Actually, if you set Petty Cash only under Cash Accounts, the restriction should be transferred over to Receipts & Payments tab too.

But… I’m not able to reproduce the issue. On my test file, it works correctly - I cannot see any other accounts (nor transactions) other than those related to petty cash.

Maybe I’m not understanding, @lubos. Are you saying that when a user is granted VCUD permissions for the Receipts & Payments tab, and the form default for that tab sets a particular cash account, that the form default should be overridden because of the permission granted for the Cash Accounts tab?

In other words, do the permissions have superior authority to the Form Defaults settings? That seems to negate the purpose of Form Defaults. I thought the idea was that you could restrict a user from opening a cash account, changing it, or even seeing how much money was in it while still allowing them enter receipts and payments because the cash account was identified as a default. That would let a retail clerk enter sales transactions without knowing how much money the business had. The same would apply for bank accounts.

What you said implies that if no permission was given for any cash account, receipts and payments could not be entered at all, because the user could neither select a cash account nor use the one in Form Defaults.

Actually, I see what you mean now.

Yeah - this would be a bug then. If you set account in form defaults, then limited user should have this selection clear because they don’t have access to that account.

1 Like

I don’t think we’re saying the same thing, @lubos. If I understand your last comment, you are saying that the default cash account should be eliminated if the user does not have permission to see it. What I was saying was that if a restricted user has no cash account permission, she won’t be able to enter receipts or payments unless the default cash account carries through.

My point is that I thought cash and bank account permissions only pertained to whether you could create, modify, and see balances in those accounts. I thought that as long as you had Receipts & Payments permissions you could still use a cash or bank account set as the default in order to enter the transaction.

If my interpretation of your last post is correct, and the cash or bank account default is eliminated when entering a receipt or payment, does that mean that you must give a user permission for at least one cash or bank account if you want them to be able to enter receipts and payments? I suppose that makes some sense. The default would be eliminated and the restricted user would then need to select the account for which they have permission.

thanks

1 Like

Fixed in the latest version (19.7.20)

2 Likes

thanks

Thank you.