we need this, please work on adding these more detailed permissions

Another needed permission is the ability to control which tabs are displayed on the top of the screen, If a specific user doesn't have any Invoice permission including listing or viewing than the Invoices tab is useless, it should be disabled, and the same goes for other tabs like purchase orders tab and admin tab which is not accessible for regular users.

ALSO: Need to break the "Line Items" security groups across these 3 types:
Estimates
Invoices
Recurring Schedules

Recurring Tickets – List/Search
Recurring Tickets – View Details
Recurring Tickets - Create
Recurring Tickets - Edit
Recurring Tickets - Delete

PLEASE! ANY update of ANY kind?

A few more that might be nice are

Allow access to IOS App, (if off would not be able to use iOS app at all)

Allow access to RSr outside office hours, (would have to define hours)

Allow access outside a set IP address by tech, (so some techs could see RSr outside the office and some techs would never has access outside the office at all. And to define what hours it would be available even to those that can see it outside the office.) Currently is it all or none and that doesn't work well.

Can access RMM alerts

Can access CC info and add / remove CCs

Access to invoice list - currently it is wide open. They can see everything for the last 30 days. It would be nice if we could set the number of days back they could see invoices in that list. We can always go to the customer file to look things up but having a list wide open is a little bit of a security risk.

Allow to view / list clients in list view. (No reason for bench techs to have access to a list of clients names in a simple printable or screen shotable list. It is ok to search one at a time when needed to create tickets etc but no reason to go to customers and view a list. This should be a restrict-able. this should include the app, no one should be able to view all the customers in the list via the app unless they have the permission to do so.

More options for restrictive permissions would be good. Business owners need to protect their client lists.

Allow access to VIEW tabs, it would be nice if clients didn't have permission to access what is behind a tab, like DOMO or Purchase orders that they also couldn't see the tab in the first place. Security though obscurity.

Thanks for looking at all these, security is a big area that needs some attention.

Can these please be updated/organized/fixed?

@Tim & Eric: Agreed on both points. Please add any additional permissions you'd like to see as well.

Good comment Eric, please see my post on iOS security which I feel you may be interested as well.

We'd like to see the ability to have different pages in the wiki available to different levels of users as well. We like to use the wiki as a place for how to's, but the how to's for the office manger and the how to's for the accountant are different and may contain confidential information.

This is great, it would be nice to have a greater level of granularity or detail on permissions. I have one I'd like to add that we would find useful.

Tickets - View Resolved

We can't have our techs looking at all the tickets, we only want them doing ones assigned to them. However sometimes we have a tech work on a job that a different tech had done work on months ago. I would like for the new tech to be able to look at the old resolved ticket from last time to see if there is any information that could be useful for the current job.

Products - View Details

This would be a really great permission level so standard techs could view the specific prices/serials for serialized inventory items. The only place the price/serial is viewable is in the product details page, which we have locked off to hide cost and to disable users from editing price/details.

Thanks!

Hi RS. Still very eager for any form of upgrade on this topic. There have been a plethora of new features added and having a security setting for them is CRITICAL! I think just an hour of TLC on security groups would be greatly appreciated by all RS users. Some new ideas on this:

1. Now that 'Credits' appear to be upgraded to the customer account, it could use it's own set of permissions (including migrating Block Hours out of 'Customers'):
>Credits - Add
>Credits - Edit Block Hours
>Credits - Apply to Invoice
>Credits - Delete

2. Other modules we'd like to lock down with security privelages:
>AutoPrintr - Authenticate (their locations)
>AutoPrintr - Authenticate (all locations)
>Customer Purchases - List/Search
>Customer Purchases - View Details
>Customer Purchases - Create
>Customer Purchases - Edit
>Customer Purchases - Complete Purchase
>Customer Purchases - Delete
>Refurbs - List/Search
>Refurbs - View Details
>Refurbs - Create
>Refurbs - Edit
>Refurbs - Add to Inventory
>Refurbs - Delete

3. Other permissions that would be helpful for financial security:
>Allow Usage of Discount Type - (dropdown list of discount "codes" for invoices)
>Allow Usage of Payment Type - (dropdown list of all payment types)
>Payments - Edit (eg. change type from cash to check)
>Products - Delete (serialized inventory stock)

We'd really appreciate a quick look at this. Thanks!

Additional permission that would be hugely appreciated:
Canned Responses - Create
Canned Responses - Edit
Canned Responses - Delete

@ILAN - Thank you for your feedback. I do my best to input a good 4-8 hours of feedback per month. One day RS is going to pro-rate my account for how much value I've helped add to their product ;)

@RS - Just wanted to reiterate that we need the ability to have view product DETAILS (like cost/price), but NOT EDIT those details. This is needed because some features are only visible from with inside the actual products detail page (like product label PDFs). So, please make sure both of these permissions exist separately:

Products - View Details
Products - Edit Details

Hi Ryan, thank you for your suggestions, I'm switching to RS in the beginning of 2016 and I see how those missing granular permission levels will be a big pain for me in managing my employees in their different levels of responsibilities. The suggested granular permission levels are crucial for this kind of complete management system.
Please rush this idea.
THANK YOU AND HAPPY NEW YEAR!!

Hey guys, hoping for a positive update on this to Planned or Started :)

This would be a MAJOR help for us right now. As a global admin, I'm finding the only times I'm being bothered for help in the system are by managers who need access to security features that aren't currently available. If we can just get some final security options set, it would greatly help our managers be more effective in having control of what they need to manage.

Specifically, these are some issues and solutions we're experiencing DAILY:

"I need to un-apply a payment to modify an invoice that has been paid" : Payments – Edit
"I accidentally sent a ticket update to the wrong customer" : Ticket Comments - Strikeout
"Someone marked this payment as cash when it was paid by check" : Payments - Delete
"I made my PO at the wrong location and need to fix that" : Purchase Orders - Edit

And one more great privilege level for ALL of the above categories: " - View Change History Log"

Any expediting we can do on this topic would be extremely appreciated. These are obviously features that are going to happen; so the sooner they happen, the better. :)

In relation to the below security groups, they should not fully "delete"; but should instead show with a strikeout over the text. This is because public comments are email/posted to the customer portal (and may have been seen by the customer), but are no longer visible in the ticket PDF or customer portal.

In the future, we should be able to fully delete any private/internal comments, and only strikethough any public/emailed comments. There are even more possibilities if one day we make read receipts in the customer portal and emails that are sent.

Ticket Comments – Delete (only ‘their’ comments) --- strikethough if public/emailed
Ticket Comments – Delete --- strikethough if public/emailed

Additional security group as per recent forum posts:
"Ticket Custom Fields - View Audit Logs"

Also, the ability to "View - Audit Logs" for tickets, estimates, invoices, etc.