[Not Solved] User & Role Permission Understanding

Please bear with me as it is long list of questions and yes I read every wiki, Video & most post but still didn’t get it.
Must have misunderstood something. So here it goes:

{A} We have 5 Users all in “Account User Role”: User1….User5
{B} From that we want to restrict only one user to one company, other users can use all companies:
-User1 for only Company1
-User2-5 for Company 1 & 2 both
{C} I wants to avoid creating new role for User1.

How to achieve above.

{D} There are 100 customer. User1 should not anything belongs to Customer1.

How to achieve this?

{E} On Role permission manager

  1. What happens just checking “Apply User Permissions” if nothing set in “Select Document Type”?
  2. What “If Owner” does? which is on a left side box.
  3. What “Set User Permissions” does? which is on a right side box.

Thank you for your time…


Have you read manual regarding this? how to achieve this which is written in manual document
please refer this link https://erpnext.org/docs/user/manual/en/setting-up/users-and-permissions .
It will be helpful for you.

Yes @shraddha I read that too. I just don’t get logic of how to achieve in written scenario.

Here is what I am assuming:

for {A} {B} {C} there are two way to do that
1- Requires to give user permission for each and every user of company requires. Issue - To many user permission needs to assign, more work for single restriction.
2- Create Duplicate roll of “Account user” and give user permission for company. Issue - Two roles for same type of users - not advisable in manual.

for {D}
1- Practically not possible. Issue - You cannot give 99 user permission to allow 99 customer.
2- Assign group to customer, give permission on group. Issue - Unnecessary grouping of customers.

for {E}
for 1. Nothing happens.
for 2. Will apply on if owner is user
for 3. Will able to Set User Permission for that doctype

Please someone answer if I am wrong here.

Hi @mdwala, Any good thoughts are your answer. Have you managed this? Any tips!!

Not just what I posted. Not sure for that too.

Role permission = Action
User permission = value

Ex: a user, John has account intern role which can only create / delete / write belong to company ABC
Role permission: account intern can create / delete / write Sales Invoice. Check if company is permitted
User permission: set John has permission on company doctype which company is ABC.

1 Like