Target group of this article |
|
All Users |
|
Main User |
x |
IT department |
|
Detailed description of the functionality
When the AP Automation application was developed, the system was designed to perform authorization validation on all of the actions the users are taking. For each action a user is taking, the system validates if the user has the rights to perform the action. As an example, if the user collaborates, the system validates the rights for collaboration, or if a user opens a list the system will validate if the user has the rights do so. Basically, all main actions are verified against the user rights.
If all actions would have their own rights, there would simply be too many of them. Therefore the rights were combined together as a single batch of rights to perform the most basic actions in the application, and included behind the review rights. This however leads to the situation that if a user does not have review rights to any organization, the system may believe that the user is not having rights to perform the action and cause unexpected behavior or crashes. This could occur on collaboration or on various other actions in the personal mode.
Recommended actions
As a rule of thumb, all users should have review rights. The easiest way to perform this is to add a new home organization user group to the organization root level and add all users as members of it. Then link the user role containing the Review permission to the group and all members will get review invoice right automatically to their home organization unit. In addition existing roles could be modified to include review rights.