The Lead doctype in my ERPNext app can be accessed by a lot of people. To prevent the people from seeing the leads which are not made by them or which are not shared to them, I have set Only if Creator to enabled for the Sales User role
However, the people who have this role are still able to see all the leads.
In this example here, this particular user should only see a small fraction of what is being displayed.
I have restricted this by using the User Permission doctype but it is not very optimal as I would have to do it for every single user.
The documentation says that Only if Creator should suffice for this use case however it doesn’t work on the Lead doctype for some reason.
I have also tried enabling this for other doctypes and they seem to be restricted perfectly by the role.
Am I missing something or am I doing something wrong?
How can I restrict users from seeing documents by using the roles?