NF1.0 Role Inheritance

From iDempiere en

Feature: Role Inheritance

Goal: Security

Sponsor: Trek Global


Actually iDempiere supports role inheritance - a role can be composed by included roles, and in such case it inherits the configuration for menu access options and for org access.

This feature extended the concept to enable defining master roles in System client, the master roles in System client can have menu access options (but cannot have org access options, because orgs are not available on System).

  • The Client (not System) roles can inherit from System roles the access options, and configure exceptions for the roles: adding specific access not included in master role or disabling (adding and inactivating) options included in the master role
  • The inheritance work just for menu items, documents, but not for org.
  • Users cannot be assigned to Master Roles.
  • The list of "Included roles" only show "Master Roles"

New Flag in the Window Role "Master Role" to create a Master Role


The Client (not System) roles can inherit from Master Role, In the tab "Included Roles" in window "Role"


Is it possible also to configure Document Action Access on System Master Roles to be inherited to roles, to do that you must create base documents on System.

Technical Info: IDEMPIERE-366

Cookies help us deliver our services. By using our services, you agree to our use of cookies.