new staff member has access to the required customer areas
Sales invoice and estimate creation
Client creation
Log sales payments/credits
Invoice and payment management (overview) screens
View/modify sales invoice and estimate records
Client management (overview) screen
View/modify specific client records
All the above are ticked
BUT when he goes to access the client account, he gets restricted. The client was created by me and their invoice.
The first time that I set up another user I did exactly the same thing. Explicitly excluding rather than explicitly permitting seems counter intuitive.
I know it seems counter intuitive, however there’s a reason it works like this from a database design point of view. Here’s a quote from a similar thread.
It makes sense from a software design point of view. It means if we add a new restriction later, we don’t need to add an extra flag to 30,000 accounts. It’s more economical to add restrictions per account to a database rather than work the other way around, consumes a fraction of the space in the DB.
Took me a while to work out why this is done like this (it has actually been on my mind since that post was originally made some time ago, only just sussed it!) makes sense from a programming point of view when you follow the double negatives through! This is another of those things that could be argued wither way, default new rules to be restricted/unrestricted.
Makes sense from a database perspective but I still think it’d have been clearer to invert the sense of the checkboxes in the UI (i.e. store a record in the DB for each unticked checkbox).
Yes I think it should be simple to solve by just inverting the checkbox flags. I’m pretty sure if we don’t this will be a recurrent question on the forum.
EDIT:
We’ve flipped this around now so hopefully that will avoid any further confusion.