Report permissions

Frappe Framework Permissions
1

Hi,
Short story: (need to control hiding certain fields in reports + controlling the ability of users to customize dashboards, and add columns in standard/custom reports)

As ERPNext is growing rabidly, and many customers are joining the family, an important issue is emerging as urgent topic to solve, that is the reports permissions field level.

For instance, all of our customers are demanding stock reports to be shared with all of their team members (sales to know what to sell, warehouse keepers, procurement to know what to reorder,…) but they don’t want most of these users to know the item valuation rate, but there is no easy way to do it, so we guess updating this feature is an urgent need at this stage for reporting.

BRs
Hadi

2

Hadi,

Here is how I tried preventing showing the value for one user.

  • Opened a standard report called “Stock Balance”. It has columns related to values.
  • I removed all the stock value related columns and saved report as “Just Stock Balance”.
  • Went to tool called “Role Permission for report manager”. Ensure that original Stock Balance report is accessible only to (say) Manager. Stock User only had access on the new report.

38%20PM
38%20PM2584×790 131 KB

  • When logged-in as a new user, only new report is accessible. The standard report is hidden for that user.

It’s one time effort, but you can very much configurable for the documents which has Value field but needs to be hidden.

Will be helpful if you can share more examples, like I shared above.

3

Thanks Umair

We had this approach many times, as you can see below:
screenshot1

but the issue is that they can still add columns with prices to the new custom report:

image
image1298×551 29.4 KB

4

In my test account, user doesn’t custom button at all. The permission for report edit and write is given to very few. Please ensure in your account also, All role has only read permission on the reports.

02%20PM
02%20PM2564×966 197 KB
Screenshot 2021-12-24 at 2.41.02 PM

Here is the image of a user accessing a custom report, without any customization option.

52%20PM
52%20PM2668×818 151 KB
Screenshot 2021-12-24 at 2.47.52 PM

2 Likes
5

Hi @umair,

This solved one part of my similar problem (Thank you), but the users are still able to use add column to add in valuation column. This is after disabling prepared report is there a workaround to it.?

I tried with client script to hide the button class, it doesn’t seem to work on report page, or i have not correctly defined the script.

Thanks

6

@umair Thanks
Still, the main issue is adding a column in a report is a big issue, we can see it is still there in your own screenshot.

image
image1484×479 84.9 KB

7

I developed this permission enhancement app, used by Chinese users, at the moment, no English documentation available,

8

@szufisher, thanks will test it out during this weekend.

9

Has anyone solved this issue?

10

@umair Dear, would you please help in this issue, it has becoming a urgency for most of my customers, if there is a straight forward solution without coding would be great.

11

Hi @Hadi82 ,

Did you find a solution to this ? I actually thought you could try changing the permission level (perm level) of the field in the source doctype (probably Stock Ledger Entry in your case)

In our case, we need to ignore user permissions on certain fields in specific reports. This also seems not to be available and leaves us with the need to build separate versions of reports that already exist

I think we really do need more granular permission controls for reports now

@szufisher would be very nice if we could get that documentation in English :wink:

Kind regards,

12

Hi, sorry for the delay, I just noticed, yes actually we made a special application based on field Perm Level, that would prevent users from adding a column in reports (all types) unless they have a required Perm Level for that specific field.
issue solved for my customers

13

@wale

14