Implementing Role-Based Document Restriction in Frappe: Need Guidance

Hello everyone,

I hope you’re doing well. I’m currently working on a project in Frappe where I need to restrict document access based on user roles. Specifically, I want users to only be able to view certain records in a service ticket doctype based on their assigned roles. For instance, when ‘User1’ logs in, they should only see the first 3 records assigned to them, and when ‘User2’ logs in, they should see the next 4 tickets assigned to them. I’d greatly appreciate any guidance or insights on how to implement this effectively.

Thank you very much for your assistance.

Certainly! “Assigned roles” refer to the roles that are specifically assigned to individual users within a system. In the context of Frappe or any other system that supports role-based access control (RBAC), roles are predefined sets of permissions that determine what actions a user can perform within the system.

When you assign roles to users, you’re essentially granting them the permissions associated with those roles. For example, in a typical RBAC setup:

  - User1 might be assigned the role “Technician”.
  - User2 might be assigned the role “Manager”.

Each role, such as “Technician” or “Manager”, would have a defined set of permissions tailored to the responsibilities and privileges associated with that role. These permissions could include things like viewing certain types of documents, creating new records, editing existing records, or performing administrative actions.

By assigning roles to users, you can control what actions they’re allowed to take within the system. This helps enforce security and access control policies, ensuring that users only have access to the data and functionality that’s relevant to their roles and responsibilities.

In the specific scenario you described, you might have roles like “User1” and “User2”, each with its own set of permissions and access restrictions. When a user logs in with their credentials, the system checks their assigned roles to determine what data they can access and what actions they can perform. This allows you to tailor the user experience and ensure that each user sees only the information that’s relevant to them based on their role within the organization.

You can do the following things:

  1. (Hack) Instead of assigning, just share the document
  2. Add a User field and add a User Role Permission to show based on criteria
  3. You can modify permissions using some customizations
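
An added example, not code from this thread or from Frappe itself: a row-level restriction that shows each user only the tickets assigned to them, simulated with SQLite so it runs outside a Frappe site. In Frappe the equivalent pair of functions would be registered under the `permission_query_conditions` and `has_permission` hooks in `hooks.py`. The table name, the `assigned_user` field, the unrestricted role set and the sample users are assumptions.

```python
import sqlite3

# Assumption: roles that may see every ticket; adjust to your site.
UNRESTRICTED_ROLES = {"System Manager"}

def ticket_query_condition(user, roles):
    """List-view filter: WHERE fragment plus bound parameters for this user."""
    if UNRESTRICTED_ROLES & set(roles):
        return "1=1", ()
    # Bound parameter, never string concatenation of the user name.
    return "assigned_user = ?", (user,)

def has_ticket_permission(ticket, user, roles):
    """Single-document check; must agree with the list filter above,
    otherwise a ticket hidden from the list can still be opened by name."""
    if UNRESTRICTED_ROLES & set(roles):
        return True
    return ticket["assigned_user"] == user

def visible_tickets(conn, user, roles):
    """Run the list query with the per-user condition applied."""
    cond, params = ticket_query_condition(user, roles)
    sql = f"SELECT name, assigned_user FROM service_ticket WHERE {cond} ORDER BY name"
    return [dict(row) for row in conn.execute(sql, params)]

def make_demo_db():
    """Constructed sample data: 3 tickets for user1, 4 for user2."""
    conn = sqlite3.connect(":memory:")
    conn.row_factory = sqlite3.Row
    conn.execute("CREATE TABLE service_ticket (name TEXT PRIMARY KEY, assigned_user TEXT)")
    owners = ["user1@example.com"] * 3 + ["user2@example.com"] * 4
    conn.executemany(
        "INSERT INTO service_ticket VALUES (?, ?)",
        [(f"TKT-{i:04d}", owner) for i, owner in enumerate(owners, start=1)],
    )
    return conn

if __name__ == "__main__":
    db = make_demo_db()
    for user, roles in [("user1@example.com", ["Technician"]),
                        ("user2@example.com", ["Technician"]),
                        ("admin@example.com", ["System Manager"])]:
        print(user, [t["name"] for t in visible_tickets(db, user, roles)])
```

The list filter and the single-document check are kept as two functions on purpose: restricting only the list view leaves direct access by ticket name open.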