One of the biggest benefits of ERPNext is that organizations can decide the control environment they wish to operate in.
Control & flexibility are conflicting attributes and we have to, as a community/solution not enable one at the cost of the other.
The Purchase to Pay process in any organization is where most organizations need a lot of control. So they have Material Request process, approval workflows etc.
However one of our recent features, Update Items in the Purchase Order bypasses all of these controls that an organization has implemented:
The Update Items has the ability to Bypass controls that current user organizations of ERPNext have implemented.
So my Proposal is to define a Role that can use the Update Items feature. Organizations that want to provide more flexibility can set this role very loosely and organizations that want to have control can set the role that can set that role very tight.
I need two things from the community:
- Is this technically feasible? And doable? Or is there any simpler way of achieving this, like custom scripts?
- Do other user organizations see this flexibility (Update Items) as a big risk?