Integrating User Permissions with Sharing Features

Integrating User Permissions with Sharing Features

Introduction

iVendNext provides robust permission controls alongside flexible document sharing capabilities. While User Permissions define baseline access based on roles, the Sharing feature allows exceptions for specific collaboration needs. This article explains how these systems interact and best practices for maintaining security while enabling teamwork.




Understanding the Two-Tiered Access System

1. Role-Based User Permissions

  • Define default access levels (Read/Write/Create/Delete) for doctypes

  • Applied automatically based on user roles (e.g., Sales, Accounting)

  • Managed via Role Permissions Manager


2. Document-Level Sharing

  • Overrides role permissions for specific documents

  • Grants temporary or project-based access

  • Managed by document owners via Shared With section




How Sharing Overrides Permissions

When a document is shared:


  1. The system first checks standard role permissions

  2. Then applies any sharing exceptions

  3. Grants the most permissive access between the two systems


Example:


  • A Salesperson (no default HR access) can view payroll data if explicitly shared with them

  • An Accountant with "Read" permissions on invoices can be granted "Write" access for specific documents



Step-by-Step Implementation

1. Setting Up Base Permissions

  1. Go to Role Permissions Manager

  2. For each role, define:

    • Document types they can access

    • Permissions level (Read/Write/Submit, etc.)

  3. Assign roles to users


2. Configuring Document Sharing

  1. Open the target document

  2. Click + in "Shared With" section

  3. Select users/roles and permissions:

    • Read Only for reference

    • Write for collaboration

    • Share to allow further distribution




Security Best Practices

1. Permission Design Principles

  • Follow least privilege - only grant necessary access

  • Use role hierarchies to simplify management

  • Implement approval workflows for sensitive shares


2. Audit and Compliance

  • Regularly review:

    • Permission Manager Report (system-wide access)

    • Document Sharing Logs (exception-based access)

  • Set up automated alerts for:

    • Sensitive documents being shared

    • External user access



Common Use Cases

1. Cross-Department Projects

  • Core team has role permissions

  • Temporary members added via sharing


2. Manager Overrides

  • Managers can share documents beyond standard permissions

  • With approval workflows for compliance


3. External Collaboration

  • Vendor access to specific purchase orders

  • Client access to their project documents



Troubleshooting

Issue

Solution

User can't access shared document

Check for conflicting permission restrictions

Changes not saving despite Write access

Verify document is in editable state

"Shared With" option missing

Confirm user has sharing privileges



Conclusion

By strategically combining User Permissions with Document Sharing, organizations can maintain security while enabling necessary collaboration. Regular audits and clear sharing policies ensure this powerful combination remains effective without compromising data protection.



    • Related Articles

    • Document Sharing and Collaboration

      Introduction Effective collaboration is at the heart of any successful organization. iVendNext’s Document Sharing feature allows users to share specific documents with colleagues, ensuring seamless teamwork even when standard permissions might ...

    • Understanding User Roles and Permissions

      Introduction: Welcome to iVendNext! As a new user, understanding how user roles and permissions function is crucial for the secure and efficient operation of your system. iVendNext employs a robust system of roles and permissions to control access to ...

    • Managing User Roles and Permissions

      Introduction Roles and permissions are the backbone of security and access control in iVendNext. They determine what users can see, edit, and manage within the system. This guide explains how to: ✔ Create and assign roles ✔ Configure granular ...

    • iVendNext - Overview and Key Features

      What is iVendNext? iVendNext is a web-based retail management software designed for mid-to-large retailers, integrating AI, ERP, and CRM capabilities. It streamlines operations like inventory management, customer relationships, and financial ...

    • User Permissions: Restricting Access to Specific Documents

      Introduction While Role-Based Permissions control access to document types (e.g., Sales Orders, Leave Applications), User Permissions take security further by restricting users to specific records—such as only their assigned customers, territories, ...