Role & Permissions

Frappe Framework Permissions
1

Hi there,
What I am trying to do:

  1. Create a custom DocType with a Link field to Supplier Master.
  2. Grant access to Supplier Master (except read-only access to suppler name & Group as required by the link field) for a special role.

What I did:

  1. I set “Perm Level” to 2 for “supplier_name, supplier_group, and naming_series” fields in the “Supplier” DocType.
  2. I created a Role for the custom DocType.
  3. I added two new permission rules for the “Supplier & Supplier Group” DocType against the new role with permission level set to 2 for both.

This seems to work just fine with blocking most of the supplier fields, but my problem is that this role is able to see sensitive financial information namely (Annual Billing and Total Unpaid fields) and my question how do I hide both of these critical fields? I simply wanted this role to only pick a valid supplier name in its custom doctype.

Any help is greatly appreciated.
Dave,

2

hi @dave-greeko do you have the answer on this? I think ERPnext haven’t considered putting a permission level on the dashboard. And I have also the same issue. We gave a read permission for a supplier doctype however we do not want that role to see the financial information on the dashboard too.