Hi all,
Can anybody guide me on this:-
1. I want to assign form level permission to the users.
for eg. A user can see Sales Order but not Sales return
2. Is it possible to restrict users from posting sales/purchase orders,etc.
User should be able to Read/Insert but cannot Post.
0
Comments
What have you tried so far? What error messages are you getting? Or is the problem that the users still have access after you set this up.
This is really basic Navision stuff, and you probably should turn to your partner and ask for some basic training in Navision security. Even the most basic consultant will have no problems showing you all this.
Actually I have tried modifying the Role 'ALL' and its working also but according to my requirement i need to assign a user with some forms of Sales,Purchase,etc. It means i need to create separate roles for all the users because all the users have different areas of work.
Should I create separate roles for all the users and modify 'ALL' role according to their requirement.
One more thing i would like to add into this is, even if I dont give form permission to the user in Role 'ALL' then also the form is visible. How can we restrict it..
The best is one role per area of work.
Edit the role so the only thing in that role which can be done is the specified area of work.
Next is to assing the role to the user who has to work in that area.
If a user has multiple areas, assign multipe roles to the user.
dont' modify the all role, one modification for the all role will effect all the users who have the ALL role.
restriction: default the role "ALL" has a permissionline with type = form, id = 0, true, true, true, ...
When a permission with ID = 0 is assigned, then all the objects of that type are allowed.
|To-Increase|
But i dont want a user to see everyting, Suppose i create a Role for Sales thenit should have all sales related permissions but in case i dont allow some user to use Sales Return Order then how can i restrict the use from accessing this ..
How about copying the SALES role in a new role SALENoRet, adjust the permissions to that the users don't have rights in the sales return order and assing this role instead of the sales role.
You cannot override rights assigned to the user (you are assigning always the grant permission, never the deny permission), so you have to assign only the rights the users should have, never more.
|To-Increase|
Create a new role and assign the relevant permissions for related tabel, in your case Sales Header Table, and also define Security filter, like, Sales Header: Document Type=Order, in Security Filter field of Permissions form.
The Security Filter will limit the access to the data as only specified in the Security filter.