ACCESS IN SECURITY MANAGER REMOVED BUT REPORTS ARE STILL ABLE TO BE RUN
ISSUE: ACCESS IN SECURITY MANAGER REMOVED BUT REPORTS ARE STILL ABLE TO BE RUN
Creating a role that has access to selected reports, assign a user to the role and when logged in as the limited user still manage to run all reports.
When synchronizing users (between Sage 300 and Alchemex svd) the non-admin users get assigned to a ‘Report Users’ role which does not show in the list of roles (in Security Manager). This role can run all reports and hence when our software does a security check, it picks up this role first and ignores any other role assignment done later. This then allows the user to run all reports in the ERP even though they may be assigned to a role that can only run few reports.
Clients experiencing this problem should install a hotfix found here:
This hotfix must be installed in the installation directory of the Sage 300 ERP.
Sage 300 ERP 2012