Hi Team,
We have a requirement to implement object permissions for our use case, and I have been working on setting these up. Despite following the documentation provided in the link below, we are encountering issues where the permissions do not seem to be functioning correctly. Specifically, users are able to delete records even when they do not have delete permissions, and similar issues are occurring with other operations.
I followed the guidance in the following documentation: Creatio Object Operation Permissions Documentation
Could you please assist us in resolving this issue?
Thank you!
Best regards,
Asif Shaik
Like
Asif Shaik,
Hello. Your user has System administrators role which by default has permission for operation CanDeleteEverything
Hello,
Could you please provide us with a screenshot of object permissions for the mentioned object and the screenshot of roles of a user that can delete the records despite not having the rights to do so.
Also, specify if you made sure to run the "Update object permissions" action after setting up the new access rights.
Mira Dmitruk,
Hello,
Thank you for your response.
I have used a sample object and user for testing purposes. Please find attached the screenshots you requested:
-
Object Permissions Screenshot:
-
User Roles Screenshot:
Despite these configurations, the user is still able to delete records. Could you please help me identify what might be going wrong or if there are additional steps I need to follow?
Thank you for your assistance!
Best regards,
Asif Shaik
Asif Shaik,
Hello. Your user has System administrators role which by default has permission for operation CanDeleteEverything
Andrii Orlenko,
Hello,
Thank you for your valuable input. I realized it was a simple mistake on my part regarding the System administrators role having the CanDeleteEverything permission. I have now corrected it and successfully achieved the desired outcome.
Thank you once again for your assistance!
Best regards,
Asif Shaik