We have a client that does not want warehouse users, who DO have the permission "ship and invoice" a sales order, to have a permission set that includes Delete Permission for Table Data 1173 "Document Attachment". That is, the client does not want people in the warehouse deleting documents off a sales order (or any table really).

But when the warehouse user is being asked to "ship and invoice" a sales order, in the case where the user is ship and invoicing complete, the sales-post codeunit (80) runs a procedure called DeleteAfterPosting, which deletes the sales order (as it should if the sales order is completely shipped and invoiced). During the Delete of the SalesHeader record, codeunit Document Management (1173) (which subscribes to the SalesHeader's 'OnAfterDeleteEvent') runs a procedure to DeleteAttachedDocuments.

Well if the user does not have Delete Permission to the Document Attachment table, the user gets an error indicating they are missing the Delete permission, and stop the posting of the order.

We have tried to set the Delete Permission to the Document Attachment table to 'Indirect' instead of just 'No'. This does not solve the problem either.

What I have done for them as a short-run fix:
1. subscribe to an event inside of Codeunit 80 “Sales-Post” that routes them through a custom code unit that does have Permission = TableData “Document Attachment” = d; and that performs the delete.
2. Give them Delete Permission = Indirect.

I think a potential permanent fix would be to give Permission = TableData “Document Attachment” = d to codeunit 1173 (Document Attachment Mgmt.). That’s the codeunit that subscribes to the Sales Header OnDeleteEvent, and actually does the document attachment deletion.
Category: Warehousing
Needs Votes
Ideas Administrator

Thank you for this suggestion! Currently this is not on our roadmap. We are tracking this idea and if it gathers more votes and comments we will consider it in the future. Best regards, Business Central Team