Menu Security

Epicor ERP 10
, ,
1

I am trying to prevent some users from opening various screens from the TaskList form when they use the Context Menu triggered by a right-click.

Using Menu Maintenance I find the Menu ID that the Context Menu triggers and change security to not allow the user access - this works as expected and the user is prompted with “Menu ID SEMN1045 is not valid for the current user.”

However, if I perform exactly the same process on a different Menu ID that can be opened from the Context Menu - the form will still load despite the user not having access.

Is there an additional step or steps I am missing for some Menu IDs?
Or, can I disbale the Context Menu completely for certain users?

2

Does the other menu id have a different security code than the one you modified to disallow access?

1 Like
3

If you do your testing in Developer mode, I think it shows the menu IDs that are being used, right?

Is that the problem, trying to figure out what menu ID is being opened?

1 Like
4

Yes - there is a different Security code.

5

@JasonMcD - I know the menu ID - as you suggest I am using the Developer mode to grab the ID.

Despite the user not have permission to trigger this screen the context menu still allows.

6

The permissions are controlled per security code not per screen. It’s hard to understand exactly what is happening without screenshots but I would suspect the user does in fact have access to the menu id they are launching via the context menu, because disallowing them on the one security code attached to the first menu id would do nothing to prevent access via the context menu if that is using a different security code.

1 Like
7

Maybe some screenshots would help. Of Menu Maintenance, for example.

1 Like
8

User blocked
image

image
image898×678 35 KB

image
image898×678 36.6 KB

User not blocked
image

image
image898×678 33.3 KB

image
image898×678 34.2 KB

Becuase the user in question does not have permission to access this screen I did not expect Epicor to launch via the context menu.

9

Anything on the disallow access tab?

10

No - all blank.

11

image
image898×678 34.8 KB

Adding the user to the Disallow access tab does not preventthe screen from launching.

image
image898×678 35.6 KB

The user is still able to open MenuID CRMT9000

12

Did you test after closing their client?

13

No… but I did just try that and it did not allow the user to trigger.
Good news.

However - I am still unsure why I need to disallow rather that just not allow - if that makes sense.

14

Were they always missing the allow before, or did you remove it and not restart?

1 Like
15

I’m not quite sure, but if they have access to the parent folder, they may have access on down the line without a specific disallow.

16

Following on from disallowing screens from triggering - can you prevent the Search from triggering:
image

17

Or better still disallow Context Menus for certain users.

18

In Context Menu Maintenance you can control what options are there and what they do.

image
image1350×930 145 KB

If a user doesn’t have access to what is opened from the option, then they will be blocked from opening it. (though it will still display as an option)

I’m not sure what the BPM Holds thing is for in this example, it doesn’t display for me when I right click on a Work Force ID. But for Work Force Entry, those that are on the CRM license can’t open Work Force Entry since that menu item is not available to them.

19

Thank you @MLamkin