Users Right restriction for AR and AP

I appreciate the restriction of access of users to the cash and bank accounts they are meant to see or use.

Can this be done also for customers and suppliers? I think it would be great if one can give access to suppliers and suppliers to view their account statement.

Or if this is presently possible guide please.

Assuming you are using the server or cloud editions, you can make anyone with access via your network or the internet a user. You can assign them any privileges available within the program.

However, giving access to your accounting records to anyone outside your company seems a very bad idea.

1 Like

I don’t think so. Organisations have their policies and procedure and they determine how their information is shared. Vendors have the right to know the transactions posted to their account, and so are customers. Reconciliation will be minimized if both parties have access to the accounts earlier than the usual month end or statement time. Are we not talking about block chain? I was a vendor with shell spdc in Nigeria for a long period and I was the one posting my invoices. I had access to my account and by this we hardly had course to have reconciliation meetings. I spent hours reconciling bank accounts and my access to online bank accounts have minimized this.

Maybe you did not get me right. My need is: Is there a way I can let my vendors and customers have access to their account, to view (not to my whole data)? If the vendors can even post their invoices I would be much happier.

It is my decision whether it is a good idea or not. What I want is how?

Not in my opinion. Anything you share with a supplier or customer is by privilege, not by right. Your accounting records are not theirs.

No, we most definitely are not. Whatever gave you that idea?

As such, you had access to a supplier portal for submitting and viewing information. You did not have direct access to the accounting records of Shell.

Again, with your bank, you have access to a portal with information about your account. You certainly do not have access to the accounting records of the bank.

I already answered this question. You can create users and give them whatever permission you want, within the same limitations applying to any user. See Create users | Manager.

The attack surface is too large for appropriate data security.

A businesses accounting records will almost always contain confidential information which you do not want covertly released to your competitors, customers or suppliers.

All public facing Internet access should be hardened to minimize the probability of malicious exploitation. The foundation of achieving this is to put a fire wall between the internal network and the public facing Internet sever. The public server in the demilitarized zone is designed to contain only the information available to the public. The server is structured with the sole purpose of delivering this publicly accessible information to the required individuals. Communication to internal computer systems is tightly regulated to minimize the risk of internal data breaches.

The correct way to give customers or supplier access to accounting records relevant to them is to regularly upload this information from Manager to your portal. Managers API is the appropriate way of automating this process. Hosted portals are available from many companies.

Note this is very different to the security of a hosted accounting system where the security barrier is at the login screen and between hosted subscriptions. Not inside the accounting package, between various accounting application screens.

1 Like

Every system has input, process and output. And accounting is not an exception. Every data, procedure and reports having one thing or the other to do with the accounting system is part of it. So is the portal, so is the invoicing app, so is the statements sent to vendors or customers.

Giving access to vendors or customers to a portion of your record that concerns them, which they will see anyway, is not giving them access to your whole financial/accounting system. Of course any organisation should know what to give out and what not to give.

The statement I will give to my vendors/customers will not be different from what the AR/AP generates so I would prefer they have access to it and even upload their invoices for verification and approval.

When I asked for the facility I started by saying the same thing that apply to cash/bank where you can let users see only the cash/bank they should; so if I can have that facility where a vendor, for instance, can see only his account, it will be more than welcome and that is not a bad idea to me.

We are all tending to block chain where transactions should be open and any update by one party is known and seen by all parties concerned. I think we should begin to embrace this concept of openness (block chain) in all our aspects that affect other parties (without compromising the security of other aspects of course).

You have a different philosophy about security than the developer of the software. Perhaps Manager is not for you.

I have a different philosophy, perhaps; but that manager might not be good for me is not correct.

Remember that I have only asked if what I want is possible and that when you suggested that what I want to do might not be right, I only disagreed.

I think the issue is that I wanted to manipulate manager to achieve more benefits in saving cost without compromising security the same way I did with payslip items. It might not be possible now but that does not play down in anyway the other good aspects of the program. I don’t want to remain that straight jacketed accountant continually sticked to past methods. How can letting parties to a ledger know the effect of all transactions on the ledger as they are updated instead of waiting for the orthodox statement time and usual reconciliations waste of time, when what you will give out as statement is not and can not be different from what they can access earlier is a bad idea? So many people might not embrace the concept of block chain!

1 Like

I do not doubt you and some other Manager users would find the functionality useful.

However the most efficient way of safely achieving the functionality you describe is by a separate application. Achieving the application hardening within Manager would be a massive undertaking. None of the current user restrictions implemented within Manager are robust enough for a public facing Internet application. The functionality requires a separate login to a separate storage area for each of your customers and suppliers. Tools to manage a relatively large number of users and their usage statistics. And intermittent (daily) upload from Manager to your portal.

It is not inconceivable Lubos may want to build such an application, however it is a separate task to Manager, and there are already platforms which provide the required functionality.

Thanks. I appreciate.

@Tut and @Patch, @Abanye is looking for a portal to allow vendors/ customers to see reports of their transactions or balances his his compangy. This is very much a normal practice, an example is your ability to have your bank statement on demand with a bank app or a Web portal to your records with your bank.Your bank gives you access to just a part for their data. This is a very useful tool if the volume of trade between the business is high and transactions occur very frequently.

Manager already has reports that shows statements for customers and suppliers on unpaid invoices and transactions in general. The problem now is how you can limit a user to see the transactions or statement of selected accounts and not the whole list of accounts.

So for example for Tutankhamen Inc. a customer, I would create a user account for him and give him access to view only reports created for him. All hyperlinks wouldn’t work and he would see only a PDF output.

Another way is the introduction of a feature that automatically send PDF statements to customers or suppliers at preset intervals for a preset leriod like the banks do.

I do not know how this features could easily be implemented but Manager is an accounting software for SMEs, features like these are not going to be used by a heavy majority of the users. Anyway it all depends on how easily the producer could program such a thing and add to the app.

My point, @Abeiku, has been that access like that described in the examples (Shell Oil, banks, etc.) is the result of customized applications that use data fed from accounting records of the organization. But they are not giving access to the accounting records themselves. Security barriers are enormous and expensive.

I agree

hello Tut
please hep two things ;
am reviewing the server edition here , and contrary to what i know from the desktop version , i dont see where i can pull the guides from , in desktop version you find the guides link below any activity you are doing , can you tell me in server edition where the links for the guide are ?

i can create users and say restricted , but i dont see where to configure their privileges/access rights onto individual functions , i hoped somewhere in setting i could be able to set these user rights the way i want , but i dont see any function like that anywhere in the system

The Learn How To… links are not included, because many server edition users provide their own support to users. So go directly to the web site: Guides | Manager.

This is done under the Users tab, not in Settings. Depending on what you want, the permission control may not be fine-grained enough for your desires.

I have to agree with @Tut here. No one, not the auditors or even the government (at least for now) have the right of direct access to your accounting records. It’s a previlage granted by the owners.

However, as @Abanye said, it is a very good idea for more efficient reconciliation. Plus suppliers/customers can create their own non-financial documents (supplier quotes and sales orders) and attach files to them like invoices and receipts. This is not uncommon in many erps and accounting packages today.

This is a good suggestion if only you could select which supplier/customer account they can access.

Moreover, this method will inflate the number of global users to a point where administration and control might not be efficient.

Maybe if we have a restricted way to access and create restricted users from within each business and not have those appear in the global user list, this would make a lot more sense.

But the more I think of this the more it looks like it’s too complicated to maintain and may introduce vulnerabilities as @Tut hinted if I understood correctly.

This is why I think it’s better to create a separate portal for customers/suppliers that interfaces with manager from the backend and has it’s separate users.

I have already made something hacky using scheduled events and a cloud sharing service to but I would much prefer a native function.

Personally, I believe that regardless of how this gets implemented, customer/supplier/employee portals are the hottest trend as far as accounting packages go and will soon become the norm, if not a necessity.

I don’t see why this is not already in ideas.