11WorldSync Global Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Personnel - Access Rights & Keys - How Are Rights and Key Permissions Applied in the System?

CommunityJedi22
Community Manager
Community Manager

‎12-05-2024 09:08 AM - edited ‎07-02-2025 01:06 PM

DOCUMENT ACCESS CHECKS

Read Access 

The check is done in the following order:

  • If the user is in contact
  • if the document is not externally viewable (this should be the store site checkbox on the document list page), return false
  • If the user is the same as the document contact, return true
  • If the document is CPAS and if the user is approver, return true
  • If the contact can read all quotes (Enable ALL documents on the StoreSite to be viewed by this contact. - found on the edit contact page)
  • If a contact belongs to the same company as a document, return true
  • if the document company is a subsidiary that the contact has access to, return true
  • If none of the above conditions matches for contact, return false
  • If the document is CPAS and VIEW_CPAS_ORDERS (View Company Purchase Approval System documents in Admin.) is not checked, return false
  • If the user is the salesperson of the document, return true
  • if the user has VIEW_ALL_SOS access (View all Quotes, Proposals, Sales Orders, Invoices, and RMA(s)), return true
  • If the user is the owner of the document, return true
  • If the user belongs to the same group as the document owner and has read access, return true
  • If all this fails, check access keys to see if the document owner has granted read permission to the user

Edit Access The check is done in the following order:

  • If the document is deleted, locked, complete, or canceled, return false
  • If the user has VIEW_ONLY access (this can be found in the system profile: View Only SalesRep (Read Only)), return false
  • If the user is contact and can user read, the user can edit the quote
  • If the document is CPAS, return false
  • If the document is a Proposal, return false
  • If the document is not a sales document (proposal, cart, RMA, quote, order, invoice), return false
  • If the document is quote and the user has EDIT_QUOTES access (Create / Edit Quotes and Proposals for all Customers), return true
  • If the document is ordered and user has EDIT_ALL_SOS access (Create / Edit Sales Orders for all Customers), return true
  • If the document is the invoice and the user has EDIT_ALL_INVOICES access (Create / Edit Invoices for all Customers), return true
  • If the user is the owner of the document, return true
  • If the user belongs to the same group as the document owner and has write access, return true
  • If all this fails, check access keys to see if the document owner has granted written permission to the user

Delete Access The check is done in the following order:

  • If the user has VIEW_ONLY access (this can be found in the system profile: View Only SalesRep (Read Only)), return false
  • If the user is a contact and can user read, the user can edit the quote
  • If the document is CPAS, return false
  • If the document is a Proposal, return false
  • If the document is not a sales document (proposal, cart, RMA, quote, order, invoice), return false
  • If the document is quote and the user has EDIT_QUOTES access (Create / Edit Quotes and Proposals for all Customers), return true
  • If the document is ordered and user has EDIT_ALL_SOS access (Create / Edit Sales Orders for all Customers), return true
  • If the document is an invoice and the user has EDIT_ALL_INVOICES access (Create / Edit Invoices for all Customers), return true
  • If the user is the owner of the document, return true
  • If the user belongs to the same group as the document owner and has to delete access, return true
  • If all this fails, check access keys to see if the document owner has granted delete permission to the user

ACCOUNT ACCESS CHECKS

PRICE PROFILE ACCESS CHECKS 

Read Access. The check is done in the following order:

  • If the user is a sales rep and has access to MODIFY_PRICE_PROFILES (Edit All Price Profiles & Tiers), return true
  • If the user is the owner of the price profile, return true
  • If the user belongs to the same group as the price profile owner and has read access, return true
  • If all this fails, check access keys to see if the price profile owner has granted read permission to the user

Edit Access The check is done in the following order:

  • If the user is a sales rep and has access to MODIFY_PRICE_PROFILES (Edit All Price Profiles & Tiers), return true
  • If the user is the owner of the price profile, return true
  • If the user belongs to the same group as the price profile owner and has write access, return true
  • If all this fails, check access keys to see if the price profile owner has granted written permission to the user

Delete Access The check is done in the following order:

  • If the user is a sales rep and has access to MODIFY_PRICE_PROFILES (Edit All Price Profiles & Tiers), return true
  • If the user is the owner of the price profile, return true
  • If the user belongs to the same group as the price profile owner and has to delete access, return true
  • If all this fails, check access keys to see if the price profile owner has granted delete permission to the user

(where delete is allowed only when there are no customers )

Learn more about Access Keys: https://community.1worldsync.com/t5/ChannelOnline-Help-Links/Access-Keys/ta-p/16247 

Labels:
0 Kudos
Comment
Version history
Revision #:
5 of 5
Last update:
‎07-02-2025 01:06 PM
Updated by:
Community Manager
 
View Article History
Contributors