ERPNext.com Frappe Cloud Support Partners Foundation Frappe School

Create a new Admin Role aside from the System Manager

Anyone have tried creating or duplicating the system manager role? I need to create another role that can only view and modify the role permission manager and user but cannot modify or create any custom scripts, custom fields and custom doctype. This new role will only be added to assist the system managers to check each user’s permissions since the system manager is already loaded with work and what she can do is supervise and delicate some tasks for her employees but ofcourse they are still some modules and doctypes they should not access.

However, the new role cannot view and access the “Has Role” table. See the sample image below. Can anyone help me with this? Thank you.

image

Hi @ponyooooo

Did you find a way to achieve this ? I think this is a very good idea. The System Manager role is currently very wide in it’s scope and there should be a more limited admin privilege that allows for managing Users particularly without giving access to everything else like Custom Scripts, Custom Doctypes etc…

Currently looking for this as well. It would be great to duplicate a role and delete the permissions the new role shouldn’t have.
I’m hiring someone on Fiverr to create a feature to my site but giving them access as a ‘system manager’ is way too wide, I don’t want to give that level of trust… but the only alternative is to go through all the items 1 by 1 and add the appropriate ones.

This is death by a thousand clicks. And I’m being dramatic.

This has been asked several times, but there’s no answer.
Search results for ‘duplicate ‘Role’ permissions?’ - ERPNext Forum
Data import/export didn’t work as the role permissions manager isn’t a ‘doctype’

Any insight would be so helpful right now.

try the following hack

  1. create a new data import, choose Custom DocPerm as reference doctype
  2. do the import.

Thank you for your response, I looked into this and I do want to figure this out. Having to put all of those in a spreadsheet isn’t much of an improvement if I still have to do the permissions one by one

I’d like to be able to copy the system manager role and remove the permissions that I don’t want there for the fiverr contractor, but I don’t think there’s a way to ‘export’ the role or copy the permissions, there are thousands of permissions to work through, spreadsheet or not, an exhausting process to get someone working on my site without exposing sensitive information.

the same data import function also support export existing data from the system to Excel by the download template button, you can remove records base on the exported records and find & replace the role name, then import again.

I don’t think that export works with the role permissions manager because it’s not a doctype

My apologies if I am wrong here this is all kind of confusing. I did try that

Just try and confirm whether it works for you, I myself already tested on my instance.