The Lead doctype in my ERPNext app can be accessed by a lot of people. To prevent the people from seeing the leads which are not made by them or which are not shared to them, I have set Only if Creator
to enabled for the Sales User
role
However, the people who have this role are still able to see all the leads.
In this example here, this particular user should only see a small fraction of what is being displayed.
I have restricted this by using the User Permission
doctype but it is not very optimal as I would have to do it for every single user.
The documentation says that Only if Creator
should suffice for this use case however it doesn’t work on the Lead doctype for some reason.
I have also tried enabling this for other doctypes and they seem to be restricted perfectly by the role.
Am I missing something or am I doing something wrong?
How can I restrict users from seeing documents by using the roles?