Compiere allows to define security rules based on Table, Column or Field and Record level. Here, we discuss your options of Field or Column level security.
There may be situations where you do not want specific users to have access to certain data. For example, for some of your data entry clerks you do not want them to update the price list on Sales Orders. When entering Sales Orders, the price list will default to the default sales price list defined for the entered Business Partner (if no default it defined then the default price list is used). The data entry clerks should be able to see the price list, but the field should be read only. The data entry managers, however, should be allowed to update the price list.
This can be accomplished in Compiere in a few easy steps.
- Open the Role Data Access Window and select the Role you want to set the field secuirty for (set price list to Read Only). In this example we will use GardenUser
- Go to the Column Access tab
- Select the Table C_Order
- In Column select M_PriceList_ID_PriceList
- Select the Active, Exclude and Read Only check boxes
Now log in with the GardenUser Role. Note if you are already logged in with the GardenUser Role you will need to log out as the security settings are cached.
When you open the Sales Order window you will see that the Price List field is displayed, but it is read only and cannot be updated. If you log in with the GardenAdmin Role and open the Sales Order window you can update the Price List.
Some hints and tips:
- Remember that Security settings are cached on the server
- If you have defined multiple windows for a table (in this case Sales Orders), the restriction will be in place for all windows as the restriction is at the table level.
- If you are setting a required field (like Price List) to read only, ensure that you have the appropriate default values defined!