User Permissions
ianaiERP's permission system allows you to control access to different features and data within the application. This granular control ensures that users only have access to the information and functions they need to perform their roles.
User Types
ianaiERP supports four primary user types, each with different default permissions:
- Owner: Full system access with all permissions
- Administrator: System-wide administrative access
- General User: Standard access for everyday users
- Work Center: Limited access focused on production operations
User Information
When setting up or editing a user, you'll need to provide:
- Email: The user's email address (serves as their username)
- User Type: Selecting from one of the four types mentioned above
- First Name: The user's first name
- Last Name: The user's last name
- Companies: One or more companies the user has access to
- Departments: One or more departments the user belongs to
- Locations: One or more physical locations the user works in
Note: If no companies, departments, or locations are specified, the user will have access to all data across all organizational units.
Permission Categories
Permissions in ianaiERP are organized by functional modules, each with separate Read and Write permissions:
Inventory Management
- Item: View and manage inventory items and products
- Adjustment: Access to inventory adjustments and counts
- BOM: View and modify Bills of Materials
Production
- Build: Access to build orders for manufacturing
- Work Order: View and manage production work orders
Purchasing
- Vendor: Access to supplier information
- Purchase: View and manage purchase orders
Sales
- Customer: Access to customer records
- Sales: View and manage sales orders
- Shipping: Access to shipping information and functions
- Return: Ability to view and process returns
- Credit Memo: Access to credit notes and refunds
Other Modules
- Support: Access to customer support features
- Settings: Access to system configuration
- Reporting: Ability to view and generate reports
- Master Record: Access to core system data
Managing Permissions��
To edit user permissions:
- Navigate to Name on the top right > User & Permission.
- Find the user you wish to edit and click on their name or the edit icon.
- In the Edit User dialog, you'll see the User Information panel on the left and Permissions panel on the right.
- Toggle the switches to grant or revoke Read and Write permissions for each module.
- Click Save to apply the changes.
Read vs. Write Permissions
- Read: Allows users to view information without making changes
- Write: Allows users to create, edit, and delete information
Note: Write permission automatically includes Read permission.
Organization-Based Access Control
The combination of user types and organizational assignments (companies, departments, locations) creates a powerful access control system:
- Users only see data for the companies, departments, and locations they're assigned to
- When multiple organizations are assigned, users can access data across all of them
- Users with no organizations specified have global access within their permission limits
Best Practices
- Principle of Least Privilege: Grant only the permissions necessary for each user's role.
- Regular Audits: Periodically review user permissions to ensure they remain appropriate.
- Role-Based Assignments: Create standard permission sets for common roles in your organization.
- Clear Documentation: Maintain records of who has access to what and why.
- Access Reviews: Have managers verify their team members' access requirements regularly.
Related Features
For more detailed information on advanced permission configurations and security best practices, please refer to the specific sections in this documentation.