First, a brief explanation of what I’m trying to do. In my company, we have departments, with heads of departments, and heads of departments answer to management. I am trying to set up leave application permissions with this structure.
With this in mind, I set up departments in ERPNext, with default leave approvers. These leave approvers have been given permissions on their respective departments. This all works as expected, with them being able to see all applications from their department, with everyone else being able to see only their own applications.
Where things get messy is with the aforementioned management users. I can’t give them permissions on the departments, as they’ll see all applications. When I added permissions for each of the department heads’ employee entries manually, I expected this to solve the problem. Unfortunately, they can still see all leave applications.
TL;DR: Why does “Employee” user permission not apply to Leave Application?
EDIT: Just realized I should definitely mention version numbers:
ERPNext: v12.6.0 (version-12)
Frappe Framework: v12.4.1 (version-12)