Possible BUG in Role Permissions (v10) - case of User and Manager roles both checked?

Stumbled onto this today while trying to limit who had access to certain reports and how to control the “owner” field of a report.

For the Role of Account Manager the report would allow it to be run for any user

For the Role of Account User the report would be limited to the logged in user

If a user had BOTH the Account Manager role and the Account User role checked in their user profile, the system defaults to the lowest priority role as the accepted role for the report.

I would have thought it to be the other way around and that the highest role would be the deciding factor. That is not the case.

This means that I had to go through every document type and anywhere that a document had only user level roles, I had to add the manager level roles. Otherwise, the manager would be stuck at the same level as users when trying to access the document.

In order to get everything to work correctly I had to uncheck the user level roles in all of the manager user profiles and only leave them with manager level roles. Otherwise their user level role would interfere with their ability to do manager level work.

To me this seems like a BUG. The example that caused me to find this was in a custom report. Hopefully this report makes it through the PR process and into the core system. It is a End-of-Day report for cash registers and mobile sales reps.

Anyway, the report limits itself to the logged in user unless the the user has Account Manager role set in their profile. The Account Managers can run the report for any user in order to get the end of day reports directly from the system.

It was this configuration that led me to trip on the Role Permissions issue. In summary…

You cannot have both the user role and the manager role set in the user profile because the permission manager will use the lowest role (account user) as the basis for deciding how the reports will work and prevent the manager from having access to other users (owner) reports.

Hope this explains it well enough.


1 Like