1f438bb734
* Display PendingShipments panel - Overview of all outstanding shipments * Update UI tests * add separate page for troubleshooting * Restructure menus a bit * Fix top-level page for mobile app * Add option to override default value in docs * Update global.md * Formatting updates * Update sales pages * Move order images to "purchasing" * Small tweaks * Make "Concepts" a top-level documentation item * Update image
3.2 KiB
title
| title |
|---|
| User Permissions |
Permissions
InvenTree provides access control to various features and data, by assigning each user to one (or more) groups which have multiple roles assigned.
!!! info "Superuser" The superuser account is afforded all permissions across an InvenTree installation. This includes the admin interface, web interface, and API.
User
A user is a single unique account with login credentials. By default, a user is not afforded any permissions, and the user must be assigned to the relevant group for the permissions to be assigned.
Group
A group is a named set of zero or more users. Each group is assigned permissions against each possible role.
Role
A role is a set of distinct permissions linked to a given subset of InvenTree functionality (more on this below).
Roles
InvenTree functionality is split into a number of distinct roles. A group will have a set of permissions assigned to each of the following roles:
| Role | Description |
|---|---|
| Admin | The admin role is related to assigning user permissions. |
| Build | The build role is related to accessing Build Order and Bill of Materials data |
| Part | The part role is related to accessing Part data |
| Part Category | The part category role is related to accessing Part Category data |
| Purchase Order | The purchase role is related to accessing Purchase Order data |
| Return Order | The return role is related to accessing Return Order data |
| Sales Order | The sales role is related to accessing Sales Order data |
| Stock Item | The stock item role is related to accessing Stock Item data |
| Stock Location | The stock location role is related to accessing Stock Location data |
{{ image("admin/roles.png", "Roles") }}
Role Permissions
Within each role, there are four levels of available permissions:
| Permission | Description |
|---|---|
| View | The view permission allows viewing of content related to the particular role |
| Change | The change permission allows the user to edit / alter / change data associated with the particular role |
| Add | The add permission allows the user to add / create database records associated with the particular role |
| Delete | The delete permission allows the user to delete / remove database records associated with the particular role |
Admin Interface Permissions
If a user does not have the required permissions to perform a certain action in the admin interface, those options not be displayed.
If a user is expecting a certain option to be available in the admin interface, but it is not present, it is most likely the case that the user does not have those permissions assigned.
Web Interface Permissions
When using the InvenTree web interface, certain functions may not be available for a given user, depending on their permissions. In this case, user-interface elements may be disabled, or may be removed.
API Permissions
When using the InvenTree API, certain endpoints or actions may be inaccessible for a given user, depending on their permissions.
As the API is used extensively within the web interface, this means that many data tables may also be impacted by user permissions.