I am trying to create a read only role in GP.
At first I thought it would be as simple as allowing the INQ and RPT tasks.
However, this does not provide access to SmartList or read access to the cards which would be used when querying from the pick lists.
Has anyone created a read only role and if so what is the best approach?
I've never been able to create an exclusive read only, if the user also needs access to view any master records. In GP, if the user needs access to Customer Maintenance or Item Maintenance (master records) to those screens you're kind of out of luck. GP doesn't allow access to a window/screen without the native abilities to modify the data elements in the window/screen.
Most folks would use Field Level Security (if you have rights to it).
Example - With Field Level security you could grant access to the Item Maintenance and then disable the 'save' button or the 'delete' button which would be in eccence the same thing......
Field level Security would be under Tools > setup > system > field level security (you may need to be logged in as 'sa' to see menu choice and to actually deploy/setup
For master records, you can also try giving access to master record inquiry windows. Example: For Customers give access to Customer Inquiry window (Inquiry >> Sales >> Customer). The basic information related Master records in available in such inquiry windows. Check out these widows to see if it fulfills your requirements.
Another advantage of using these windows is these windows open up when user tries to drill down on the customer record and they do not have permission in maintenance windows.
For giving access to smartlist, you will need to create a Security Task with Product Smartlist, Type Smartlist Object and series Type Smartlist Objects.
This sounds like a great project to put all of the inquiry tasks into an "inquiry only" role. Of course you still have that problem for windows without inquiries. Do you have modifier?
This worked well for the master record access - I added in the inquiry role the ability to see "customers" or "vendors".
However, I am still having trouble providing smartlist access. This is very important. I was told the following. Could it be your suggestion is for versions prior to 10? If so, how do I address in v10?
Starting on v.10, Smartlist security is embedded in GP security and is found under the appropriate task assigned to the user role.
Thank you for all the information.
I think I figured out a little more.
Seems to be working now. Will see if it meets all our read only needs.