MYOB Security

HI Louisev_v4,

Thank you for your post.

I see that you're interested in restricting a user's access to certain locations to prevent them from moving items. When you mention that you set the location role to read-only, could you please confirm if this adjustment was applied both in the Inventory option screen of Manager Roles and immediately upon creation in Manage Users?

This action should effectively limit the user's access to read-only for all the roles and permissions that have been selected.

If my response has answered your inquiry, please click "Accept as Solution" to help other users find this information.

Cheers,

Princess

HI  - not sure I understand your question but I created these roles  quite sometime ago.  Nothing has changed but I wasn't aware you could go around the permissions .The issue is simply I can restrict Move Items under the Inventory Page in the dashboard - that's been working well.  My operations manager was helping a staff member who has this restriction.  They were looking at the item profile in Items register >Tab Locations  (we have multi warehouses) where the Move items at the bottom is not greyed out and can be accessed by the same person who can't do it from the dashboard.  

Hi Louisev_v4,

If there are staff that should not have access to move items, it should be read only on their end instead. With that, I would recommend checking the roles and customising them; it is worth checking. For example, a user with an inventory management role has the ability to move items even though they're showing as read only on their end. If you click on 'Manage Roles' from the user access window, you will see that there are more access options under Inventory Management that you can customise. I have attached a screenshot below for your reference.

If there are other roles ticked such as Cards, Banking, Inventory Management, Payroll, Purchases, Sales and Time Billing, ensure that Locations and Move Items are unticked.

Feel free to post again anytime if you require further assistance. 
 
If my response has answered your inquiry, please click "Accept as Solution" to assist other users in finding this information.

Best regards,

Doreen

Hi

 I think the point is being missed.  The "move items" in their profile is not ticked.  The inventory is read only.  It works from the dashboard perfectly. They can't do a thing  It is only when they go to the profile of the item then the location tab - the Move Item function works. We have tested in these profiles.  I am not sure how I can explain this any differently. 

Hi Louisev_v4,

I understand your concern about the "move items" function. It's clear that despite the access settings, users can still modify the item location via the item register. I've also run a similar test and can confirm your findings. Even when the 'move items' function is disabled due to access settings, they can still change the location through the item register. It seems that the only way to limit this is by setting their access to 'read only' from the manage users screen. However, I understand that this may not be the most suitable solution for you.

Feel free to let me know if you need further assistance.

Cheers,

Princess

HI and thank you.

I would like this reported as it makes no sense to have permissions that only "sort of " work and can be manipulated.  It opens a lot of doubt about security.  I am now concerned that other more important data permissions can be overridden especially those that cover staff and payroll.  I am wondering if these are protected.  Given my findings today - I would suggest a thorough permissions review.

Hi Louisev_v4,

I appreciate your understanding and cooperation. We're all about keeping things secure for our customers and making sure our software is as sturdy and reliable. Right now, the best move is to switch the user's access to read-only mode. However, to ensure this issue is addressed thoroughly and individually, I suggest creating a case in my.account. This will allow our dedicated support team to investigate and resolve the issue in a more personalized manner.

Feel free to start a new post if you have further queries and one of us will be happy to assist you.

Regards,
Earl