I dont understand the permission level

Saeed_Murrad · August 31, 2018, 9:19am

Permissions can be assign to any user with particular permission level. Anyone tell me how to assign permission level to any user?

root13F · August 31, 2018, 10:12am

You don’t assign Permission Level to a user directly, but you assign it to a role. Then users with that role will be able to perform operations on them as allowed in Role Permissions Manager.

Saeed_Murrad · August 31, 2018, 10:31am

For example if a user have account manager role and level 0 by default with permissions. If I add new rule regarding account manager with level 1 then how this new rule will be implemented? I want to hide some fields from level 1 account manager. How system will justify that this user have account manager role with level 1 or 0?

shahid · August 31, 2018, 2:10pm

Check the links

https://erpnext.org/docs/user/manual/en/setting-up/users-and-permissions

https://erpnext.org/docs/user/manual/en/setting-up/users-and-permissions/role-based-permissions

Saeed_Murrad · August 31, 2018, 5:46pm

I already read these links but thanks to reply

flexy2ky · August 31, 2018, 6:24pm

Roles and Permissions is easily one of the most complicated part of ERPNext. Basically you have to understand the different permission activators and how they affect each role. But if i understand you clearly you want to hide “Fields” from that user. I doubt if you can hide certain fields within a doctype. What i know you can do is make certain doctypes readable to the user such that no modifications can be carried out by that user. I may be wrong but i think it is impossible to hide fields on a particular doctype for certain users.

bedo · August 31, 2018, 9:17pm

Sure you can hide doctype fields from a user group. Just change permission level to 1 for a given field and add this permission level to the permission with read unchecked.

Permissions are pretty powerfull once you understand them;)
IN your case, given doctype starts with perm. level 0. Here you assign general permissions for the doctype. The system will then evaluate perm. Level 1 and so on. So if say for doctype field Abc you change perm. level to 1 and then set this level 1 as no read to account managers role, that field will be invisible to them.
But be careful not no combine different roles. If you give user another role - say role employee and give this role read/write perm.1 then the user will of course see that field.