Permission restriction setting should be done for each document type separately. It means to have Stock Ledger Entries also restricted based on Warehouse, you should do same setting as done for item in the Role Permission manager for Stock Ledger Entry.
Is it possibly a bug? Apply User Permission doesn’t work… The user still can make stock transactions for all warehouses. I have checked Apply User Permission for each doctype and assigned restricted record for the user to a specific warehouse…
I’m using v5.0.11 now and user permission setting doesn’t work as expected.
Steps to replicate the issue:
Set User A as Material User
Select a doctype in Role Permission Manager i.e. Purchase Receipt
Check Apply User Permission
Add User Permission record for User A for Doctype:Warehouse and set the value > Warehouse B
Login as User A and go to Stock > Purchase Receipt
It shows all Purchase Receipt records. >> It should only list down Purchase Receipts for Warehouse B which is permitted for User A.
Click any of those lists then it will deny if the warehouse is not permitted. User Permission applies correctly here, but in my opinion just hide the records where the user is not permitted
Click on the report of Purchase Receipt List 9. Same behavior I got. It listed down all records including the warehouses where User A is not permitted, even-though it denied access if you click one of those lists to see the details…
This also happens for other doctypes or reports where Apply User Permission is checked.
On Stock Ledger Report, User Permission does work where it only shows records of Warehouse B. But not for Stock Balance Report…
@Jonathan_Fanny_Lie Can you share the full permissions of the WAREHOUSE and ALSO the ROLES that you have assigned to the USER.
Now I believe you only want your users to see a PARTICULAR Warehouse. If so then Why are you giving them the permission to create a WH?
Second I also believe you want the user to view stock ledgers of that warehouse?
Now when I checked for your problem I guess I found the issue…basically you are giving your USER 2 ROLES Namely:
Material Master Manager (which is restricted in viewing of WH)
Material User (which is UNRESTRICTED in viewing of WH)
Now due to this the users are able to see all the WH. Can you check if that is the case.
What I think you should do in your case is to give such users only ONE ROLE and add that role if its not there in the role permission of that document this would keep things simple as assigning multiple roles is kind of confusing.