Left side navigation showing links to un authorized users

When the new user is created and is given the role HR they are able of see manufacturing / learn / websites / Tools in the left side navigation.

On clicking on the manufacturing , the BOM list is displayed.

Not able to understand the following

  1. Why is the manufacturing menu is showing to the user who do not have the rights to access that module or even document

  2. After searching to the forum , we came to know about the ALL role in the system and seems that this behavior is because the ALL role is having the permission to the doctype BOM , but there are other doctypes also there in ALL role such as file so why is file manager not showing in the left side menu

  3. The system is not allowing to change any attribute or remove the doctypes from the ALL role as its validating that standard roles cannot be deleted

  4. There is no document in manual stating the use of ALL role

Kindly suggest the solution of hiding the menus to the user who are not authorized to the respectove modules and doctypes

Hi there, I faced the problem and asked why ALL rules is applied for that doctypes but no ones answered …btw you can solve the problem by deleting directly from the database, search in tabCustom Doc Perm and delete search for role ALL and Doctype BOM …and others you need to delete.

Have also a look at Guest role there should be to delete something there as well.

Thanks
I am not able to find the guest role in roles list
Also is there any solution of not showing the links which are not related to users as this us major issue and management only looks at security first, they do not want to show the users any thing other then that also i have seen one more issue

I have given a access to CRM to one of user but the user is able to see the chart of accounts

Kindly guide me as there is no proper documentation

Check user permission docs