From 968d38f2a0cd5ad62265414e079557d0a6c47949 Mon Sep 17 00:00:00 2001 From: John Cardinal Date: Wed, 5 Jun 2019 00:02:45 +0000 Subject: [PATCH] --- devdocs/specs/core-roles.txt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/devdocs/specs/core-roles.txt b/devdocs/specs/core-roles.txt index df66d2d4..1a92f860 100644 --- a/devdocs/specs/core-roles.txt +++ b/devdocs/specs/core-roles.txt @@ -16,6 +16,10 @@ If you can modify an object you can delete an object unless business rules say o In some cases business rules may further restrict what a user can do. For example a SubContractorLimited has the change right to a workorder, but in fact the workorder itself has business rules that limit that drastically down to almost nothing but a single area entry in labor +LISTS UNDER LIMITED ROLES +If a user *can* potentially view or edit an object type then that object's list will display, if certain fields should be restricted then they will be via business rules when the record is opened. +So in theory lists should not show stuff that a user has no rights to see, so some columns need to be restricted for those users when the list is delivered by the server +Case by case issue. ## ROLES