rwheeler7864 / clients-oriented-ftp

Automatically exported from code.google.com/p/clients-oriented-ftp

Users should only be allowed to view, edit, delete the Clients THEY created. #53

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?

1. User-1 (Account Mgr) is created by Admin
2. User-2 (Account Mgr) is created by Admin

3. User-1 logs in and creates a new client named: John Doe
4. User-2 logs in and is able to view, edit, & delete: John Doe

User-2 should not have access to the Clients User-1 creates and vice versa.

Each User (Account Mgr) created should only be allowed to view, edit, & delete 
the Clients they added.

Original issue reported on code.google.com by filipe.a...@gmail.com on 28 Jul 2010 at 6:56

GoogleCodeExporter commented 8 years ago
I think that the example you laid out does have uses. I see myself setting it 
up so that the Admin has control of all site settings, while the Acct Mgrs can 
edit every client. However, you do have a point. Maybe there needs to be 
another level of Account Mgr called Client Mgr, which has client-based 
access. That way department bosses can have full control, and lower levels in 
your case will only be able to see/edit specific clients.

Original comment by mlong...@gmail.com on 11 Dec 2012 at 12:46

GoogleCodeExporter commented 8 years ago
Practically, something like this:

1. Admin can do everything: create, delete, assign, view
2. Manager can create, delete and view all clients, assign clients to users but 
not create users
3. Users can create, view THEIR clients

Programmatically, I'd use a roles/permissions system like Redmine 
(http://redmine.org) for maximum flexibility. See screenshot, you can create 
roles and assign permissions any way you like.

Original comment by ericasus...@gmail.com on 1 Feb 2013 at 12:24

GoogleCodeExporter commented 8 years ago
Erm, not a big deal, but I was logged in with my partner's account when I made 
that last comment :)

Original comment by ma...@worklabs.ca on 1 Feb 2013 at 12:26

GoogleCodeExporter commented 8 years ago
Exactly, missing roles that could be assigned to a user.

Original comment by david.kr...@gmail.com on 11 Mar 2014 at 1:34

GoogleCodeExporter commented 8 years ago
In our workflow, we have several technicians who upload files for client 
retrieval. None of these clients would be exclusive to any one user. Such a 
modification would be counter-productive in such a case, and providing 
low-level users with elevated permissions may not be ideal for some installations.

Original comment by artandim...@gmail.com on 15 Jul 2014 at 5:24

GoogleCodeExporter commented 8 years ago
Agreed. The original post is making the assumption that the clients will be 
specific to the account manager, which is not always the case.

I made some adjustments to my installation where the client list shows who 
created the account, and has a field to show who the client's contact/manager 
is as well.

Original comment by crashf...@gmail.com on 13 Jan 2015 at 9:28

GoogleCodeExporter commented 8 years ago
I agree, it would be great if the admin can assign roles!

Original comment by mamehdi2...@gmail.com on 6 May 2015 at 4:10
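
The Admin / Manager / User split proposed in the thread, combined with the shared-client workflow raised later, can be expressed as a deny-by-default check that every client view and action passes through. This is an added example, not part of the original thread or the project's code; the role and action names follow the 1 Feb 2013 comment, while `assigned_to`, `is_allowed`, `visible_clients` and `assign` are hypothetical names chosen for illustration.

```python
from dataclasses import dataclass, field

# Role -> actions allowed on every client (table follows the proposal above).
UNSCOPED = {
    "admin":   {"create", "view", "edit", "delete", "assign", "create_user"},
    "manager": {"create", "view", "delete", "assign"},
    "user":    {"create"},
}
# Role -> actions allowed only on clients the account created or was assigned.
SCOPED = {"user": {"view"}}

@dataclass(frozen=True)
class Account:
    username: str
    role: str

@dataclass
class Client:
    name: str
    created_by: str
    assigned_to: set = field(default_factory=set)  # assumed field for shared clients

def is_allowed(actor, action, client=None):
    """Deny by default: unscoped grant first, then the per-client scope."""
    if action in UNSCOPED.get(actor.role, set()):
        return True
    if client is not None and action in SCOPED.get(actor.role, set()):
        return actor.username == client.created_by or actor.username in client.assigned_to
    return False

def visible_clients(actor, clients):
    """Filter on the server so other accounts' clients never reach the list view."""
    return [c for c in clients if is_allowed(actor, "view", c)]

def assign(actor, client, username):
    """Share a client with another account; only roles holding 'assign' may do so."""
    if not is_allowed(actor, "assign", client):
        raise PermissionError(f"{actor.username} may not assign {client.name}")
    client.assigned_to.add(username)

if __name__ == "__main__":
    # Constructed sample data mirroring the reproduction steps in the report.
    user1, user2 = Account("user-1", "user"), Account("user-2", "user")
    boss = Account("boss", "manager")
    john = Client("John Doe", created_by="user-1")
    print(is_allowed(user2, "view", john))   # User-2 against User-1's client
    assign(boss, john, "user-2")             # shared-client workflow
    print([c.name for c in visible_clients(user2, [john])])
```

The behaviour requested in the original report corresponds to adding "edit" and "delete" to the `SCOPED` entry for "user"; installations where no client is exclusive to one account can instead assign each client to every technician.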