hi there i want to suggest to devs that user permissions should not be drop down down menu instead it should be check boxes so we can categorically permit user what to see. In current scenario if we want that user should only be able to create new invoice. we had to give them view permission also. like i want to give only one specific user permission of creating only invoices so they can only create new invoice i dont want to give them permission to see all previous invoices.
Then they will not be able to see what they have created to verify it. Manager always displays an invoice after it is created. If they make a mistake, they will not know and will not be able to correct it. That is asking them to be perfect or accepting many errors in your accounting and extra work to have someone check every invoice the user enters.
2 Likes
Is your problem not that the user should not be able to view transactions which other users have created, i.e. and extension to the permissions mechanism which filters out the transactions which were created by other users? (Obviously not applicable to Full Access and Admin users.)
yes exactly like this
but limited users also can see all other transactions also which may expose some unnecessary data.
one way out can be that manager should filter data only created by logged in user
That would undermine the ability to grant permissions based on functional job assignments.
1 Like