Managing User Roles and Permissions in Cetec ERP

Aug 11 2022
Managing User Roles and Permissions in Cetec ERP

A common admin request is, “What permission do I need to let a user do X in Cetec ERP?” In practice, the operational risk is broader than a single screen. If access is too loose, the wrong person can change part data, pricing, or system settings. If access is too tight, teams get blocked and work slows down.

Cetec ERP handles this with role-based permissions. You assign permissions to roles, then assign one or more roles to each user. This makes it easier to manage access consistently as your team grows.

Key Terms Used in Cetec ERP

  • User: an individual login for one person using Cetec ERP.
  • User role: a named role that can be assigned to one or more users.
  • Access control: the configuration that determines which roles can access specific pages and actions.

How Role Permissions Behave

Roles in Cetec ERP act like an interrelated web. A user can have multiple roles at once. If one role allows access and another role denies access, the deny overrides the allow. Operationally, this lets you start from a reasonable baseline and then lock down specific pages for specific people.

A practical setup pattern is: first assign built-in roles that get your team working quickly, then add targeted deny roles to restrict specific pages as needed.

Example: Allow a Manager Role, Then Deny Part Editing

Assume you have an employee named Sally Smith (username: ssmith). You want Sally to have Manager-level access, but you do not want her editing part information.

  • Assign Sally the Manager role so she can do her job.
  • Create a new role called Deny Part Edit.
  • Configure access control so Deny Part Edit is denied the part edit page.
  • Assign Deny Part Edit to Sally in addition to Manager, so the deny takes precedence.

Step 1: Create a New User

  • Go to Admin > Users > User List.
  • Click Add New User.
  • Enter the username (for example, ssmith). Leave the password blank or set a temporary password.
  • On the user profile, select the Manager role in the Roles field.
  • Click Submit.

Step 2: Create a New Role

  • Go to Admin > Maintenance > Data Maintenance.
  • Select Role.
  • Click Add Record.
  • Enter a role name (for example, Deny Part Edit).
  • Click Submit.

Step 3: Deny Access to a Specific Page Using Access Control

Access control is set per controller and action, which map to the page’s URL path. To deny access to a page, first navigate to the page yourself and identify the controller and action from the URL.

  • Navigate to a part record and open the Edit screen.
  • Review the URL. For example: http://company.cetecerp.com/part/1/edit_profile
  • The controller is part. The action you care about is edit_profile.
  • Go to Admin > Users > Access Control.
  • Enter the controller and action (part and edit_profile), then click Submit.
Admin_Users_Screenshot.jpg
  • Click the part/edit_profile link that appears in the list.
  • Set Enable Custom Access Control? to Yes, then click Update.
  • Find the Deny Part Edit role and set it to Deny.
  • Click Submit.

Step 4: Assign the Deny Role to the User

To apply the deny, add the Deny Part Edit role to the user in addition to the user’s existing role(s). Be careful not to remove the existing role assignment when you add the new one.

  • Go to Admin > Users > User List.
  • Click Edit next to the user (for example, ssmith).
  • In Roles, hold Ctrl and select Deny Part Edit (so you do not deselect Manager).
  • Click Submit.

Step 5: Test by Impersonating the User

  • On the user profile, click Impersonate to view Cetec ERP as that user.
  • Navigate to a part record and try to open the Edit screen.
  • If the deny is configured correctly, the user should see a no-access message.
No_Access_Cetec_ERP.jpg

Key Takeaways

  • Permissions are assigned to roles, and roles are assigned to users.
  • A deny overrides an allow, which makes targeted deny roles a practical way to lock down specific pages.
  • To deny a page, identify the controller and action from the URL, then configure it under Admin > Users > Access Control.
  • Use impersonation to validate access before you assume the setup is correct.

Conclusion

User roles and access control in Cetec ERP give you a practical way to control who can edit what without maintaining one-off user-by-user permissions. If you start with standard roles and then add targeted deny roles, you can protect sensitive screens while keeping day-to-day work moving.

Categories

Related articles

Non-PDF Custom Document Creation in Cetec ERP

Feb 15 2026

Why Raw Material Issues Keep Disrupting Production

Dec 14 2025

How to Display Tariff Data on BOMs in Cetec ERP

Aug 19 2025

Non-Inventory Items: A Quick Guide for Manufacturers

Jul 14 2025

Engineering-Driven Bom Management: How to Build Accurate, Scalable Boms

Jun 25 2025

How Bills of Materials (BOMs) Drive Better Inventory Management in Manufacturing

Jun 25 2025