Ideas for Acumatica

Feedback processing: We do not reply to all messages, but we do read them, analyze them, and work to improve Acumatica based on the feedback we receive. Ideas and comments may not appear immediately. Some legitimate ideas are flagged as spam and will be added when we review the spam folders.
Content: This portal is for product ideas and feedback only. If you need customer service assistance, contact your Acumatica Support Partner, submit a support case, or get assistance from community resources: LinkedIn Group or StackOverflow
No Reliance: Information is maintained on a best-efforts basis and may be changed without notice. Acumatica cannot guarantee the accuracy of the information provided or guarantee completion of features/ideas described on this portal.

Implement a hierarchical security permission structure with inheritance

The current structure of user security was completely redesigned under 2019 R2 to correct for inherent design issues with the previous structure.

While the current structure is much more simple in nature, the complexity of the security requirements in Acumatica make this security structure highly difficult for the typical system administration to maintain. The number of screens and potential number of user roles make for an extremely large number of possible combinations.

The current, simple structure has the follow issues (among others):

  • Highly difficult (to impossible) to maintain good security measures and access control
  • Inability to audit/review security access in a reasonable method
  • As new screens are added, users by default do not have access to these screens until IT updates security (which they often don't until someone discovers a new, missing feature).

I see that Acumatica has added new default user roles. However, many medium to larger organizations have more complex security requirements and need broader control.

Solution:

A hierarchical structure with inheritance, similar to Microsoft's Active Directory structure, would allow many permissions to be set at the top of a group of objects such as Payables, Receivables, Banking, Deferred Revenue, Bills of Materials, Equipment and all screens under that section would automatically assign the inherited permissions. Individual object permissions could be overridden to set individual security permissions.

  • Morgan Taylor
  • Jan 29 2020
  • Attach files