Limited User

In ERPNext, all users do not need full system access. Some users may need access to limited documents for their routine work, i.e., marking attendance or requesting leave. To handle such situations effectively, ERPNext offers the concept of Limited Users.

Limited Users have access to only certain documents in particular modules.

Example:

  • In an organisation with 500 staff members, just 100 staff members (such as HR, Accounts, and Managers) might need access to all ERPNext modules and reports.

  • The other 400 staff members might need access only to request leave, take attendance, or view their salary slips.

Rather than providing them a System User license, which allows access to both the Desk and several modules, ERPNext brings in Employee Self Service (ESS) and the feature to have custom User Types defined.

1. User Type

The User Type document regulates how access is established for users.

Go to:
Home > Users and Permissions > User Type

ERPNext comes with two default User Types:

  1. System User: Can access the Desk and the Website Portal.

  2. Website User: Only able to access the Website Portal.

Note: These default user types (System User and Website User) cannot be removed or modified.

User Type

2. Non-Standard User Type

For dealing with special scenarios such as Employee Self Service, ERPNext provides you with the option to create Non-Standard User Types. These can be completely customised to specify which doctypes the user is allowed access to and how the permissions must be applied.

2.1 Custom Role and User Permission

For a non-standard user type, you must set up:

  • Custom Role: Controls the access behaviour.

  • Apply User Permission On: The doctype where the limitation is being applied.

  • Fieldname of the User: The field used to associate the employee with his user account.

Example:

In the Employee doctype, you have a field, User ID that references the User document.

  • If you have Apply User Permission On = Employee, then the logged-in employee can view only those records where the Employee field equals their profile.

  • That is, an employee will view just his or her Salary Slip, Attendance, or Leave Application, but not other employees'.

2.2 Document Types

Under the User Type, you need to specify which Doctypes that role has access to.

  • This table serves as the Role Permission Manager for the given User Type.

  • Example: For Employee Self Service, you would enter doctypes such as Leave Application, Attendance, Salary Slip, etc.

  • Important: These permissions are not displayed in the standard Role Permission Manager since they are maintained directly within the User Type document.

2.3 Document Types (Select Permissions Only)

ERPNext brings in another option titled "Select Permissions Only".

  • Here, you can enter doctypes where the user should have view-only (read/SELECT) privileges.

  • This prevents users from creating or editing records for these doctypes.

  • Example: An employee is able to read company announcements, published policies, or training material but is not able to create or modify them.

Follow for more

Discard
Save
Draft
Edit Page New Page Revisions Page Settings

Previous Page

Left

Next Page

Right

On this page

Review Changes ← Back to Content
Message Status Space Raised By Last update on