Hi I noticed in ERPNext that all contacts and addresses are readable by all users. Is there any way to restrict sales user from seeing supplier contact and address?
I understand that I could set user permission one by one. But it is too specific and not efficient, is there any good way to restrict the permission?
Thankyou
Hmm 
I suggest a better approach for handling role permissions in this case. First, remove all permissions from the role related to contacts and addresses. Then, create a new role, like “Contact/Address,” and assign the appropriate permissions to it. If you need access to contacts and addresses, you should select the “Contact/Address” role. This way, users will only be able to see the contact and address information.
With this approach, the sales user/manager would not have the ability to see customer’s contact/address. While each user with the new role will be able to see the contact/adress list in its entirety
Is there any way to limit each user to certain group of contact/address?
Regards
Jevon
I’ve already explained that you need to work with the Role Permission Manager. Alternatively, you can create a new role based on the specific scenario and assign it to the user. It’s difficult to explain every detail here because only you will know at what level you need to manage permissions. You’ll need to practically do this locally to get a better understanding. Once you go through these steps, you’ll have a clearer idea of how it works.
From my understanding, setting permission with Role Permission Manager only allows the user to see all of the contact/address list or not at all.
ERPNext is using common contact/address doctype for both supplier and customer, hence when I give the permission to the sales user to read/write, they will be able to see the all contact and address including supplier’s contact and address, or when I do not, cannot see the contact/address at all (only able to see the reference in the customer doctype).
If I set it into “Only if creator”, Sales User cannot share common contacts/addresses with another Sales User.
Setting User permission one by one is not possible because of the large numbers of contact/address.
Is there any solution to this? to limit Purchase users to access only Supplier’s contact and addresses, and to limit Sales users to access only Customer’s contact and addresses.
Thank you for your help
Jevon