Report Permission Setting to restrict report access

Hello,

If I allow Sales Invoice doctype and check Report in Role Permission Manager then the users will have access to all reports associated with Sales Invoice i.e. Account Receivable, Gross Profit, Sales Invoice Trends, Sales Register etc.

Let’s say I want to hide/disable Gross Profit report for certain role/user…I think it would be nice if there’s permission setting for reports in addition for Doctype permission, so we can allow/disallow users to access reports even its doctype is allowed

Is there work around how to achieve this for now? I’m using v5…

Thanks

Hello,

You can create custom role, and don’t allow that role to have access on the reports based on Sales Invoice.

Hi,

My use case, I want to disallow some reports only, not all reports based on Sales Invoice. The user is able to create invoices and view some reports based on Sales Invoice, but Gross Profit or some other reports are restricted.

Any ideas?

Tks

Hello community,

Anybody can help me on this? since latest erpnext v5 doesn’t has specific report permission setting.

As an example. User A is able to access sales invoice doctype, doing data-entry and view some reports only of that doctype. But I want to restrict some sales invoice report for them. Is there work around to do this?

The problem is when we allow Report of Sales Invoice Doctype in Role Permission Manager then the users are able to access all reports associated with that Doctype.

Thanks

Are you a developer?

If yes and if i was you, i would have monkey patched run function for report to add custom validations

No, I am end-user. Can you give an example how to add custom validation for report?

For erpnext experts, as end-user., in my opinion…specific report permission setting would be very useful. We have to make sure, the users are only able to see information that they’re authorized to see. So you might need to consider to add it.

Thanks

1 Like

I’ve just created an issue on Github for this:

I have read a solution in another thread but don’t remember the source, but it solved the problem for me. The solution is very simple:


Hiding Financial statements for accounts users

  • Create a Doctype and name it “Financial Reports” (or whatever name)
  • Create a New Role and give it “Report” permissions on the “Financial Reports” Doctype (Or only give that permission for the Accounting Manager)
  • Go into ERPNext Reports List and change the “ref doctype” of the reports you need to hide to “Financial Reports”

Once this is done, these changed reports will be only permitted to the roles with access to “Financial Statements” DocType

I don’t think what you documented is correct.

  1. We cannot make changes to the core reports in production, so it will not allow to change ref doctype.
  2. Even if it allowed then Ref Doctype is the base document which is used for the report to fetch the data from.

Maybe you tried something else.

It works in after settings the server as production for the first time, and then enable developer mode.
You will be able to edit and create Doctypes, while for the normal user it works perfectly.
After enabling developer mode and setting the Ref Doctype, this ref doctype setting won’t affect the reports, it is just a reference which will allow you to make a separate permissions for it.
It works on my setup without any issues with the reports’ content

Well in developer mode you can always customize the whole user roles and role permission from scratch.

But I did find a better way to solve it.

https://docs.erpnext.com/docs/v12/user/manual/en/setting-up/users-and-permissions/role-permission-for-page-and-report

This does exactly what you were looking for.

1 Like