Configuring User Permissions in InvenTree: Restricting Access to Sales Orders

[stansmolders]

Is it possible to create a user account in InvenTree that can only add sales orders and view only the sales orders they have created? Currently, I can only create an account with rights to "view," "create," and "change" sales orders, but what I need is a more restricted "client account." This account should allow the user to:

• Only add their parts or specific items to sales orders.
• Add new sales orders with relevant line items or attachments.
• Only view and manage the sales orders they created, without access to other users' data.

How can this be configured to ensure proper user permissions and maintain data privacy?

[SchrodingersGat]

@stansmolders the permission system is not that finely grained. It would require some significant refactoring to get to that point, and then we would probably have to offload such functionality to a custom user plugin, as we cannot provide such a wide range of options.

Exposing permission checks to a plugin would be a great enhancement (but again, a lot of work).

Would this be something you would be interested in implementing yourself, or perhaps sponsoring?

[stansmolders]

Thank you for the detailed explanation. I understand that refining the permission system to this level would be a significant effort, and I appreciate the complexity involved.

While exposing permission checks to a plugin sounds powerfull, I also recognize the amount of work required. At this point, I’m not in a position to implement it myself and the need is not that high to prioritize this. I questioned it as it would come in handy for me now and then. Perhaps in the future, thanks again.

[matmair]

Also see #7466