Custom Record Type Object Permissions
You can provide roles with access to a custom record type in SuiteCloud Development Framework (SDF) using the permissions
structure in the customrecordtype
SDF custom object. In this structure, you can create as many custom permissions as needed by specifying a permission
structure for every permission. For more information about custom record type settings, see Setting Up a Permissions List for a Custom Record Type.
If you created a custom record object in version 18.1 that sets a permission on a custom role, you may receive a validation error after upgrading to the current version. To resolve this error, ensure that the referenced role contains a permission to the custom record object. For more information, see Custom Roles as XML Definitions.
Each permission element requires the following information:
Tag name |
Possible values |
Description |
|
Any standard role ID or custom role reference. |
The role that can access the custom record. |
|
One of the following values:
|
The level of access to the custom record that users of the specific role has. |
|
One of the following values:
|
The level of restrictions on the custom record that users of the specific role has. |
If a SuiteCloud project contains an SDF custom object and a custom role that reference each other, the levels of permission and restriction must match in both objects. For example, if a custom record type permits the custom role with the VIEW
permission level, that custom role must set the custom record type permission level to VIEW
. Projects that contain a level mismatch cannot be deployed to the NetSuite account.
In the following example, the Bookkeeper role is given view permissions to the sample custom record type:
<customrecordtype scriptid="customrecord_sample">
....
<permissions>
<permission>
<permittedrole>BOOKKEEPER</permittedrole>
<permittedlevel>VIEW</permittedlevel>
<restriction>EDIT</restriction>
</permission>
</permissions>
...
</customrecordtype>
In the following example, a custom role is given view permissions to the sample custom record type:
<customrecordtype scriptid="customrecord_sample">
...
<permissions>
<permission>
<permittedrole>[scriptid=customrole_sample]</permittedrole>
<permittedlevel>VIEW</permittedlevel>
<restriction>EDIT</restriction>
</permission>
</permissions>
...
</customrecordtype>
For information about the available fields, see role.
Consider the following information for SDF SuiteApps and SuiteApp projects:
-
For role permissions that exist in the target account but not in the permission field group of the
customrecordtype
SDF custom objects in the SDF SuiteApp (or SuiteApp project), the permissions in the target account will not be changed or removed. -
For role permissions that exist in both the permission field group of the
customrecordtype
SDF custom objects in the SDF SuiteApp or SuiteApp project and the target account, the permissions in the target account will be changed to the XML values for the permissions in the SDF SuiteApp or SuiteApp project.
Consider the following information for account customization projects:
-
For role permissions that exist in the target account but not in the permission field group of the
customrecordtype
SDF custom objects in the account customization project, the permissions in the target account will not be changed or removed. -
For role permissions that exist in both the permission field group of the
customrecordtype
SDF custom objects in the account customization project and the target account, the permissions in the target account will be changed to the XML values for the permissions from the account customization project.