Hello Denis, In Apache OFBiz, you can manage permissions at the screen, service, and content data levels to ensure users can only perform authorized actions.
For specific controls on Sales Order and Purchase Order creation based on a company or party, you can manage and restrict access through PartyRelationship records. Kind Regards, Arun Patidar VP of Information Systems *HotWax CommerceReal OmniChannel. Real Results.* m: +91 9827353082 w: www.hotwax.co <https://www.linkedin.com/company/hotwaxcommerce/> <https://www.facebook.com/HotWaxCommerce/> <https://twitter.com/hotwaxcommerce> On Tue, Aug 26, 2025 at 4:08 PM Denis G <[email protected]> wrote: > Hi All, > Can someone explain how permissions check works for entities? I found only > restrictions based on application, entity and action (view/edit/admin). > Is it possible to restrict access to entity where field_1 <> value_1 ? > > For example: > 1. I want to restrict user A to work only with purchase orders. That means, > that permission check should look into order_header and check > order_type_id. If it is equal to "PURCHASE_ORDER" - allow to change > (create/edit/delete), else if it is equal to "SALES_ORDER" prohibit. As I > understood based on demo data - it IS possible with standard functions. > > 2. Is it possible to allow user A to create purchase orders for Party > Company1 (internal organization) and sales orders for Party Company2. (and > don't allow to create orders for other Parties) > > 3. Is it possible to allow accountant to use GLAcccounts in GL > Transactions, where GL Account Type ID = Customer, Supplier and only for > them? > > Is it possible to find somewhere explanation of Security Checks? > > BR, > Denis >
