Content Solutions DocumentationPublished Date: November 4, 2019 Downloaded: May 3, 2024, 3:13 pm |
 |
Content Solutions Documentation |
Personnel – Access Rights & Keys – How are rights and key permissions applied in the system?
November 4, 2019
DOCUMENT ACCESS CHECKS
Read Access
The check is done in the following order:
- If user is contact
- if document is not externally viewable (this should be the store site checkbox on document list page), return false
- If the user is same as document contact, return true
- If document is CPAS and if user is approver, return true
- If contact can read all quotes (Enable ALL documents on the StoreSite to be viewed by this contact. – found on edit contact page)
- If contact belongs to same company as document, return true
- if document company is a subsidiary that the contact has access to, return true
- If none of the above conditions matches for contact, return false
- If document is CPAS and VIEW_CPAS_ORDERS (View Company Purchase Approval System documents in Admin.) is not checked, return false
- If user is the salesperson of document, return true
- if user has VIEW_ALL_SOS access (View all Quotes, Proposals, Sales Orders, Invoices and RMA(s)), return true
- If user is owner of document, return true
- If user belongs to same group as document owner and has read access, return true
- If all this fails, check access keys to see if the document owner has granted read permission to user
Edit Access
The check is done in the following order:
- If document is deleted, locked, complete or cancelled, return false
- If user has VIEW_ONLY access (this can be found in system profile: View Only SalesRep (Read Only)), return false
- If user is a contact and can user read, user can edit quote
- If document is CPAS, return false
- If document is Proposal, return false
- If document is not sales document (proposal, cart, RMA, quote, order, invoice), return false
- If document is quote and user has EDIT_QUOTES access (Create / Edit Quotes and Proposals for all Customers), return true
- If document is order and user has EDIT_ALL_SOS access (Create / Edit Sales Orders for all Customers), return true
- If document is invoice and user has EDIT_ALL_INVOICES access (Create / Edit Invoices for all Customers), return true
- If user is owner of document, return true
- If user belongs to same group as document owner and has write access, return true
- If all this fails, check access keys to see if the document owner has granted write permission to user
Delete Access
The check is done in the following order:
- If user has VIEW_ONLY access (this can be found in system profile: View Only SalesRep (Read Only)), return false
- If user is a contact and can user read, user can edit quote
- If document is CPAS, return false
- If document is Proposal, return false
- If document is not sales document (proposal, cart, RMA, quote, order, invoice), return false
- If document is quote and user has EDIT_QUOTES access (Create / Edit Quotes and Proposals for all Customers), return true
- If document is order and user has EDIT_ALL_SOS access (Create / Edit Sales Orders for all Customers), return true
- If document is invoice and user has EDIT_ALL_INVOICES access (Create / Edit Invoices for all Customers), return true
- If user is owner of document, return true
- If user belongs to same group as document owner and has delete access, return true
- If all this fails, check access keys to see if the document owner has granted delete permission to user
ACCOUNT ACCESS CHECKS
PRICE PROFILE ACCESS CHECKS
Read Access
The check is done in the following order:
- If user is sales rep and has access to MODIFY_PRICE_PROFILES (Edit All Price Profiles & Tiers), return true
- If user is owner of price profile, return true
- If user belongs to same group as price profile owner and has read access, return true
- If all this fails, check access keys to see if the price profile owner has granted read permission to user
Edit Access
The check is done in the following order:
- If user is sales rep and has access to MODIFY_PRICE_PROFILES (Edit All Price Profiles & Tiers), return true
- If user is owner of price profile, return true
- If user belongs to same group as price profile owner and has write access, return true
- If all this fails, check access keys to see if the price profile owner has granted write permission to user
Delete Access
The check is done in the following order:
- If user is sales rep and has access to MODIFY_PRICE_PROFILES (Edit All Price Profiles & Tiers), return true
- If user is owner of price profile, return true
- If user belongs to same group as price profile owner and has delete access, return true
- If all this fails, check access keys to see if the price profile owner has granted delete permission to user
(where delete is allowed only when there are no customers )
Learn more about Access Keys: https://help.1worldsync.com/channelonline/info/access-keys/