We are on APPs 9 UD 13.
We have a custom field on the header for Order Responsible Person. Only this user ID is allowed to make certain changes to the order, reschedule, etc.
Then there is a custom event to validate the allowed change against the user to check that the user making the change is the current Order Responsible Person.
It is possible for the field to be changed to the current user, then make a change, and switch the field back. But the extra steps force someone to think about it first. We also have history logging on the field in the case we find someone doing more than they should be so we can trace it out.
Your requirement is a little bit more detailed in that you also want a hierarchy to be allowed to make the change. In this case, you would need a custom table that contains both the manager and the direct reports, and the event would need to validate either the manager or the direct report.
This doesn’t affect the view of anyone from a permission standpoint, nor does it prevent changes that aren’t validated (customer contact, email, etc.) that might be made by central order entry. But it does restrict critical changes that might affect the outcome of or cause order delays.
You could build this off of the Salesman or the Main Representative or both, but you would need to build the logic to track the relationship between them and which fields you want to restrict based on which order status. (In Planned, we don’t restrict anything, for example.)
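The check described in the post above, sketched as an added example that is not part of the original reply and is not IFS code: the field names, the `Released` status, the user IDs and the `REPORTS_TO` mapping are all constructed stand-ins for the custom field and custom table. It goes one step beyond the manager/direct-report pair by walking the whole reporting chain, and it validates against the stored responsible person so that a reassignment and a restricted change cannot go through in the same save.

```python
# Added illustration; all names are hypothetical and none is an IFS API.
RESTRICTED_FIELDS = {"planned_delivery_date", "planned_ship_date"}  # assumed
UNRESTRICTED_STATUSES = {"Planned"}  # nothing is restricted in Planned

# Constructed stand-in for the custom table: direct report -> manager.
REPORTS_TO = {"ALICE": "BOB", "BOB": "CAROL", "DAVE": "CAROL"}


def manages(manager, user, reports_to):
    """True if `manager` sits above `user`; walks upward and stops on a cycle."""
    seen = set()
    current = reports_to.get(user)
    while current is not None and current not in seen:
        if current == manager:
            return True
        seen.add(current)
        current = reports_to.get(current)
    return False


def validate_change(acting_user, order, changes, history, reports_to=REPORTS_TO):
    """Check a proposed header update against the stored order.

    `order` is the record as saved, `changes` maps field -> new value.
    Returns (allowed, reason); appends to `history` when the responsible
    person is reassigned so the swap can be traced later.
    """
    critical = RESTRICTED_FIELDS & set(changes)
    responsible = order["responsible"]  # stored value, not the incoming one
    if critical and order["status"] not in UNRESTRICTED_STATUSES:
        if acting_user != responsible and not manages(acting_user, responsible, reports_to):
            return False, f"{acting_user} may not change {sorted(critical)}"
    if "responsible" in changes and changes["responsible"] != responsible:
        history.append((order["order_no"], acting_user, responsible, changes["responsible"]))
    return True, "ok"
```
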