MYOB Security
I have found a gap in MYOB permissions which is troubling.
In inventory you need permission to move items from one warehouse to another. This works well - if you don't have permission the link is greyed out. Here's the problem - you can get around it.
I have staff who have "read only" ticked in their user profiles under Locations and move items not ticked at all. They can however go to Items Register > Search for an item and click on the individual item > click on the tab called locations > click on the move items (bottom left ) and without the above permissions move items around to to other warehouses. I have tested.
Any ideas on how I can protect this activity? The people who have Read Only in inventory need to be able to read but not move any items.