Setting Permissions for a Custom Record Type

To manage access to custom record type data, you can:

Define the Permission Model

You can use the Access Type list on a custom record type page to define a permissions model for a custom record type. This model can be based on any of the following:

  • Custom record entries permissions defined on role records
  • Permissions defined on the Permissions subtab of a custom record type
  • No permissions required for internal roles
  • Permission level defined for external users, such as customers, vendors, and partners.
  • Permission level defined for unauthenticated users (meaning users (for example, anonymous shoppers – online form users) who did not log in to NetSuite).

Note

The No Permission Required access type has changed to No Permission Required for Internal Roles. For more information, see Changes to “No Permission Required” Access on Custom Record Types.

The Access Type list includes the following options:

  • Require Custom Record Entries Permission
  • This option is the default.
  • Custom record types created prior to 2012.1 that did not have the Use Permissions box checked have this option set.
  • This option indicates that only users logging in with a role with permission granted to the custom record type can access it. This permission can be set on the Lists subtab of the Permissions subtab on each Role page. See Customizing or Creating NetSuite Roles.
  • Note that this limitation does not apply to the owner of the custom record type. The owner always has full permission to access the custom record type in any role.
  • Use Permission List
  • Custom record types created prior to 2012.1 that had the Use Permissions box checked have this option set.
  • This option indicates the users logging in with a role with permissions defined on the Permissions subtab of the custom record type can access it. This permission can also be set on the Custom Records subtab of the Permissions subtab on each Role page.
  • Note that this limitation does not apply to the owner of the custom record type. The owner always has full permission to access the custom record type in any role.
  • For details about creating a permission list, see Setting Up a Permissions List for a Custom Record Type.
  • No Permission Required for Internal Roles
  • Use this option for non-sensitive custom record types when you want to give all employees create, read, update, and delete access. This option denies external users or unauthenticated users from accessing the custom record type.
  • New roles have immediate access to relevant custom record types without having to explicitly grant access.
  • You can add custom access controls using SuiteFlow or SuiteScript.
  • For more information, see Changes to “No Permission Required” Access on Custom Record Types
  • External Roles Access
  • This option is available only if you selected No Permission Required for Internal Roles as the access type. It permits public access to users such as customers, vendors, and partners. The default access is None.
  • None – User doesn’t have access any instance of the custom record type. The user cannot create new, view existing, edit existing, or delete existing instances.
  • View – User has access to view existing instances of the custom record only. The user cannot create new, edit existing, or delete existing instances.
  • Create – User can create new and view existing instances of the custom record type. The user cannot edit or delete existing instances.
  • Edit – User has access to create new, view existing, and edit existing instances of the custom record type. The user cannot delete existing instances.
  • Full – User has access to create new files, and view, edit, and delete existing instances of the custom record type.
  • Unauthenticated Users Access
  • This option is available only if you selected No Permission Required for Internal Roles as the access type. It permits public access to users (such as shoppers – online form users) who have not logged in to NetSuite. The default access is None.
  • None – User doesn’t have access any instance of the custom record type. The user cannot create new, view existing, edit existing, or delete existing instances.
  • View – User has access to view existing instances of the custom record only. The user cannot create new, edit existing, or delete existing instances.
  • Create – User can create new and view existing instances of the custom record type. The user cannot edit or delete existing instances.
  • Edit – User has access to create new, view existing, and edit existing instances of the custom record type. The user cannot delete existing instances.
  • Full – User has access to create new files, and view, edit, and delete existing instances of the custom record type.

Changes to “No Permission Required” Access on Custom Record Types

To provide more control over who may access your custom record entries, NetSuite has introduced a more precise setup to users with the required permissions. The access type option of No Permission Required has changed to No Permission Required for Internal Roles. When this option is selected, two additional more granular dropdown list fields will appear from which you can select additional access levels to permit with no permission required:

  • External Roles Access
  • Unauthenticated Users Access

Leave a comment

Your email address will not be published. Required fields are marked *