Regarding Access Permissions

Hi,

I have to implement access permissions for a Applications in a 7.13.3 version. 
1. Every record in the Applications section should visible to all the users.

2. In my instance, 3 functional roles are there such as Agent, Manager, and Approver.

3. I have assigned 2 users for the Agent role. The records which are created by Agent1 should not be edited or deleted by the Agent2 except the manager. 

Step 1: The records which are created by Agent1/Agent2 are only edited by manager and it's owner. It is working as expected.

Step 2: The records which are created by Agent1/Agent2 are able to delete by every user event Agent2 also. But, in our case the record should not be deleted by other agent, other than manager and its owner.

I have given the default permissions like the attached screenshots below here:


Like 0

Like

3 comments

Hello!

 

You can check what access rights are distributed by going into the record and selecting "set up access rights". DSA Agents will be able to delete records if they created them. Other users may have access to deletion if there are incorrect roles inheritance. It will be better to deny access for delete operation to all roles and allow it only to certain roles. 

Angela Reyes,

Can you please tell me more clearly. Actually, I didn't get what you said.

Nagamani Dangeti,

 

Open record in Applications section and go to actions -> set up access rights to check who can delete records. To complete your task go to access to objects permissions and deny delete operation in access to object tab for Applications.

Show all comments