Hi Everyone,
I have tried searching for the answer to this problem but I failed.
I need help on how to implement permission that if the logged-in user is the Employee, then the user is allowed to view the record or a certain field.
Like for example in my case, Salary fields should only be visible to HR Manager, CEO, or the employee itself.
Thank you so much in advance!
@hanztura
In employee master, there is a section called ERPNext user and in that there is a checkbox. If you enable that then the employee will only be able to see his details like salary slip, his employee master, etc. For CEO or HR Manager, you can give a higher role like that of HR user / Manager so that they can also view their details as well as other employees.
Hope this helps.
Regards,
Reema
@Reema_Mehta I appreciate the help.
The remaining problem is I also need other employees to view some Employee fields of their co-employees.
I know this can be done either by (1) adding another user permissions, or (2) by not implementing user permissions at all.
Is there an efficient way of addressing this requirement?
Just in case you need an example:
Employee records:
Here John can view all the details of “John” employee record, because that is his own record.
Jane and Mark can also view SOME of the fields in John’s record. Like for example Jane and Mark can view the Full name, employee number, and phone number.
Thank you!
@hanztura
Hi, did you check the user permissions video that we released. Maybe that would answer your questions:
Hello @Reema_Mehta
Yes I have seen the video two times now, but still it didn’t cover this particular requirement.
Maybe erpnext is not yet ready for this particular requirement
Hi @hanztura,
Currently this feature is not available out of the box. However, we are working on this and it is in our roadmap.
For now, if user permissions are applied, the user will be allowed to view only their profile or if no user permissions are applied, then user will be able to see all the fields of all the employees.
Hope this helps.
hi @michelle thank you for the inputs. I appreciate it a lot.
Though its not the efficient solution but I found a small work around. Using the “Share permission” feature, we can allow one or more users to have edit permission.
What’s lacking in this share permission tool though is the ability to give permission level. Because the salary fields that are supposed to be viewable/editable by the employee his/herself are still hidden (permission level is implemented to hide these private fields).
Currently only read, write, and share are available in share permission.
I think being able to give permission level in the share permission feature would be a great upgrade, and provide quick solution to this requirement.
In most organization, the department head can view the employee records in that department. Create User Permission for Department so the head can view the employees. You can also restrict the doctypes.