Integrating User Permissions with Sharing Features
Overview
iVendNext combines strong permission controls with flexible sharing options. Roles set default access, while sharing allows exceptions for collaboration. This article covers how they work together and tips for secure teamwork.
Understanding the Two-Tiered Access System
1. Role-Based User Permissions
Define default access levels (Read/Write/Create/Delete) for doctypes
Applied automatically based on user roles (e.g., Sales, Accounting)
Managed via Role Permissions Manager
2. Document-Level Sharing
Overrides role permissions for specific documents
Grants temporary or project-based access
Managed by document owners via Shared With section
How Sharing Overrides Permissions
When a document is shared:
The system first checks standard role permissions
Then applies any sharing exceptions
Grants the most permissive access between the two systems
Example:
A Salesperson (no default HR access) can view payroll data if explicitly shared with them
An Accountant with "Read" permissions on invoices can be granted "Write" access for specific documents
Step-by-Step Implementation
1. Setting Up Base Permissions
Go to Role Permissions Manager
For each role, define:
Document types they can access
Permissions level (Read/Write/Submit, etc.)
Assign roles to users
2. Configuring Document Sharing
Open the target document
Click + in "Shared With" section
Select users/roles and permissions:
Read Only for reference
Write for collaboration
Share to allow further distribution
Security Best Practices
1. Permission Design Principles
Follow least privilege - only grant necessary access
Use role hierarchies to simplify management
Implement approval workflows for sensitive shares
2. Audit and Compliance
Regularly review:
Permission Manager Report (system-wide access)
Document Sharing Logs (exception-based access)
Set up automated alerts for:
Sensitive documents being shared
External user access
Common Use Cases
Some of the common use cases are:
1. Cross-Department Projects
Core team has role permissions
Temporary members added via sharing
2. Manager Overrides
Managers can share documents beyond standard permissions
With approval workflows for compliance
3. External Collaboration
Vendor access to specific purchase orders
Client access to their project documents
Troubleshooting
Here’s a quick look at some common issues you might run into.
Related Articles
Document Sharing and Collaboration
Introduction Effective collaboration is at the heart of any successful organization. iVendNext’s Document Sharing feature allows users to share specific documents with colleagues, ensuring seamless teamwork even when standard permissions might ...Understanding User Roles and Permissions
Overview User roles and permissions are key to keeping your application secure and running smoothly. They control who can access what, based on each user’s responsibilities. This article explains the basics to help you set up and manage roles in ...Advanced User Settings and Security Features
Overview iVendNext provides advanced security features to safeguard data and block unauthorized access. This article covers: ? Two-Factor Authentication (2FA) ? IP & Time-Based Login Restrictions ⚙️ API Access & Security Keys ? Audit Logs for User ...Managing User Roles and Permissions
Overview Roles and permissions in iVendNext control what users can view, edit, and manage, ensuring secure access. This article explains how to: ✔ Create and assign roles ✔ Configure granular permissions ✔ Restrict document access (e.g., "Only If ...iVendNext - Overview and Key Features
What is iVendNext? iVendNext is a web-based retail management software designed for mid-to-large retailers, integrating AI, ERP, and CRM capabilities. It streamlines operations like inventory management, customer relationships, and financial ...