AugForums.com

An Acumatica User Group

Acumatica Forums

By using this website, you agree to our Terms of Use (click here)

Forums
AUG Forums
Everything Else
Restrict access to ...
 
Notifications
Clear all

Questions Restrict access to documents according the company structure

 
Everything Else
Last Post by Tim Rodman 8 years ago
4 Posts
2 Users
0 Reactions
3,135 Views
RSS
Levan Mzhavanadze
Posts: 20
 Levan Mzhavanadze
Topic starter
January 18, 2018 8:57 am
(@levan-mzhavanadze)
Member
Joined: 8 years ago

Hello,

I have an issue, when I need to restrict visibility and access to documents across the company and Row Level security works just with a master data records such as Vendors, GL accounts and so on. Rule is simple: if document (for example AP Bill) was created by my or by my subordinates according the company structure, I should have access to it, but I have no access to documents created by another tree node(s).
 
Did anyone had such kind of requirements and how you solve it? 
 
I am not absolute sure, but with standard functionality it is impossible to achieve fully secure restrictions. I have configure Generic Inquiries with condition APInvoice.EmployeeWorkgroupID = @MyGroups. This condition filters document data with according current loggon user's workgroup ID and AP Bill's Workgroup ID populated on financial details. If I have user in documents workgroup in Company Tree configuration, it shows this documents, otherwise it is hidden for users.
In spite of the GI condition, if user has this kind of link (URL - ********************ScreenId=AP301000&DocType=INV&RefNbr=000015) and changes the last number in browser link, he/she will have access to this document. 
 
Any help would be highly appreciated. 

3 Replies
Tim Rodman
Posts: 3195
 Tim Rodman
Admin
January 18, 2018 8:39 pm
(@timrodman)
Famed Member
Joined: 10 years ago

I can't think of a way to do it without customizing Row-Level Security to handle AP Bill documents. It would be pretty cool if you could just assign Row-Level Security to any DAC in Acumatica, but maybe too dangerous at the same time.


Reply
Levan Mzhavanadze
Posts: 20
 Levan Mzhavanadze
Topic starter
January 19, 2018 12:14 am
(@levan-mzhavanadze)
Member
Joined: 8 years ago

Hi Tim,

Thank you for reply.

What yoh mean under dangerous, what kind of subsequences could it have? I find out existing architecture of row level security to complex fom managing(administration) documents.

 


Reply
Tim Rodman
Posts: 3195
 Tim Rodman
Admin
January 19, 2018 9:50 pm
(@timrodman)
Famed Member
Joined: 10 years ago

I guess I mean that if they opened up any DAC to row level security, I could see how you could apply row level security to something that could break standard functionality. But that's just me guessing, I'm not really sure why they didn't open it up more.

It would probably be worth asking for a customization quote from Acumatica on this. It might not be that bad to add a customization that does what you are looking for.


Reply
Forum Jump:
  Previous Topic
Next Topic  

Online Members

  • Tim Rodman
Acumatica Forums

Terms of Use & Disclaimers :: Privacy Policy

Copyright © 2025 · AUG Forums, LLC. All rights reserved. This website is not owned, affiliated with, or endorsed by Acumatica, Inc.