Limit access to confidential PO's

You can follow the below steps to grant permission to the purchase order window. I hope this will help you grant and revoke the permissions.

• In the Permission Set window > Presentation Objects by component tab
• Search for frmPurchaseOrder in the Find Presentation Objects  and click Purchase Order (frmPurchaseOrder)
• Find  the Node Purchase Order
• You can grant and revoke different permissions. 

• After granting the Permissions please refresh the security cache

You can follow the below steps to grant permission to the purchase order window. I hope this will help you grant and revoke the permissions.

• In the Permission Set window > Presentation Objects by component tab
• Search for frmPurchaseOrder in the Find Presentation Objects  and click Purchase Order (frmPurchaseOrder)
• Find  the Node Purchase Order
• You can grant and revoke different permissions. 

• After granting the Permissions please refresh the security cache

 

Mate, sounds like the OP is asking about row-level security, like person A having access to PO X, but not PO Y. 

Possibly the permission set filter might be the way to go to achieve it, and apply them to related entities like PurchaseOrder. 

Hi,

I don’t like it if I hear something like data row security, as in my opinion it comes down to distrusting your own employees, but lets forget the philosophical route.

I don’t know a way to achieve hiding POs based upon info in the PO data. I would say that the PO should be prepared in a different site (I know with the hasle of the parts to be duplicated/replicated).

I was wondering if a confidential PO is entered, would it end up being confidential during a receipt as well? Is it only a services PO? If so why not use Word to prepare the PO and just enter the supplier invoice. If the PO is part related, it means that all data passed is confidential as well? What about the inventory transactions, should they be confidential as well? 

A can of worms in my opinion,

Steve

How nice would it be that we would be able to control the default where clause:

I have further checked this and there is no way to control the permission-based on user. 

Potentially, there is another nifty work around that might work depending on the exact context. This could work if you want to mask a few selected fields and not the entire row of data.

Say in the PO if you determine that the “confidential” part of the PO actually is with the part no, their description, and the price. You could then create 3 custom fields that would have custom logic behind them to mask the value based on the logged in user. For instance, a custom field set up to imitate Part No field would show as value ‘ABC100’ when person A logs in, but instead would show ‘ABC***’ when person B logs in. Next task is to look at all personal and base profiles and replace the standard field for Part No with the new custom field. Custom fields work on most of the standard reports too, so you could then extend the masking to printed documents too.