It would be great if it was possible to have lower priviledged accounts.
At the moment there are only
It has been asked for roles before (Role-based access control (RBAC)), but I think for me it is not necessary to define complicated roles on my own.
If there is a sales person, who writes quotes and invoices, this sales person has to be able to do most of the tasks like:
- add and change customers
- add and change products
- write and modify quotes and invoices
I could wonder, if I would have to disallow this sales person, to delete customers. Hey, but after all these are his customers. So I think we should keep things simple here. Customers is something the sales person is familiar with, so he will not delete these objects.
But I would feel more comforable if such a sales person was not able to reconfigure invoiceplane. So here are things which I would like to disallow the sales person:
- customer fields
- user accounts
- system settings
actually everything in the
settings menu except the invoice archive.
I think this would be a lower hanging fruit than adding a complete role based access system…
In fact we would add a role
Sales to the administrators and guests.
I am personally fine with deleting invoices (User roles and accounts).
Hey, we have a daily backup, we have the invoice archive and we have the possibility to delete the sales person who is deleting invoices
What do you think?
If you give me some pointes, I would take a look at the effort to do this.