Most Powerful Open Source ERP

Technical Note User Permisson Troubleshooting

Notes showing how to solve the a number of access and security problems.
  • Last Update:2018-06-26
  • Version:001
  • Language:en

This note tries to provide help on troubleshooting security and permission based problems. Make sure you have read How to set Access Permissions, this can already solve many issues.

Table of Contents

Update Local Roles

After you made notification to roles on a specific portal type make sure to call Update Local Roles from the actions menu to make your changes come into effect.

Add Missing ERP5Type_getSecurityCategoryMapping

"""
Understand this and make it suit your needs
"""
return (
# This one combines function, type of procedure and destination to generate a security group
#  ('ERP5Type_getSecurityCategoryFromAssignmentStrict', ['destination', 'function', 'publication_section', ] ),
# This one is the usual group and function security
#  ('ERP5Type_getSecurityCategoryFromAssignmentStrict', ['function', 'group',] ),
#  ('ERP5Type_getSecurityCategoryFromAssignmentParentGroup', ['function', 'group',  ]),
# This one is the usual group, function and site security, needed if access rights depend on site
#  ('ERP5Type_getSecurityCategoryFromAssignmentStrict', ['function', 'group', 'site'] ),
# This one is the usual group security
#  ('ERP5Type_getSecurityCategoryFromAssignmentStrict', ['group',] ),
#  ('ERP5Type_getSecurityCategoryFromAssignmentParent', ['group',] ),

# This one is the usual function security
#  ('ERP5Type_getSecurityCategoryFromAssignment', ['function'] ),
# This one is the usual role security
#  ('ERP5Type_getSecurityCategoryFromEntity', ['role'] ),
#  ('ERP5Type_getSecurityCategoryFromAssignmentStrict', ['role', ]),
# This one combines role and publication_section
#  ('ERP5Type_getSecurityCategoryFromAssignmentStrict', ['publication_section', 'role', ] ),

)

This script is added during configuration of your ERP5 instance. If you do not use the configurator, it may be missing. This will cause your correct permissions to not have any effect, because the category mapping has not been made.

To add it, simply copy the script to your portal_skins/custom folder or where you deem suitable and uncomment the category mapping you would like to utilize. Note it is not necessary to call the script, it will be run automatically whenever permission rights are being evaluated for a document.

Related Articles