Implementing ERP system with a lot of users can be sometimes a security and admin problem specially if not everyone is allowed to have full access. Utilizing Role Permissions in ERPNext is a powerful way of limiting access and providing restrictions to user accounts. If assigned properly, the users should only be able to access the documents that should be available to them. If role permissions are also restricted, they will also be able to do the only "tasks" that their roles are supposed to do. For example, an assistant may only create "draft" purchase order, and the supervisor is the only one that can "submit" a purchase order. This provides security and order within the organization.
There are default system roles in ERPNext. But in case you need something more specific, first thing to do is to create a new Role.
1. Go to Users and Permissions.
2. Under Users, click Role.
3. Click New.
4. Enter the "Role Name".
5. Click Save to create the Role.
Permissions may now be assigned to this new role. Meaning what Documents and what access level will be provided to this role.
Assigning Role Permissions
Assigning Role Permissions in ERPNext limits to what documents are accessible to a role. To do this:
1. Go to User and Permissions.
2. Under Roles, go to Roles and Permissions Manager.
3. Select the Document Type you would like to assign to the User Role. And Select the Role applicable to the Document Type. If there are no permissions added yet for this Role on this Document Type, click "Add New Rule".
4. Tick the permissions / actions allowed on this document for this user Role.