TenthPlanet Technologies Sites > iDempiere > Master > How do Document Action and Document Status Access work in iDempiere
Compiere iDempiere

How do Document Action and Document Status Access work in iDempiere

iDempiere controls document processing not only by window access, but also by what a user is allowed to do to a document and which document statuses they are allowed to see or interact with.
Document Action Access and Document Status Access together form the fine-grained security layer for document lifecycle control.

Document Action Access controlling what actions a role can perform

Document Action Access defines which document actions a role is allowed to execute for a specific document type.
Document actions are system-level operations such as Complete, Prepare, Void, Close, Reverse, Reactivate, and Post.

When a user clicks the Document Action dropdown on a document, iDempiere checks the role’s Document Action Access before allowing the action.

For each Role and Document Type combination

  • iDempiere checks the allowed Reference List value (action)
  • If the action is enabled and active, the user can perform it
  • If not, the action is hidden or blocked


Document Status Access controlling which document statuses are visible or usable

Document Status Access defines which document statuses a role is allowed to access or interact with.
Document statuses represent the current lifecycle stage of a document, such as Drafted, In Progress, Completed, Closed, Voided, or Reversed.

This access works at a visibility and usability level, not action execution.

For each Role

  • iDempiere checks which Document Status values are assigned
  • Only documents in those statuses are visible or selectable
  • Status-restricted documents may appear as read-only or hidden

How Document Action and Document Status Access work together

These two access controls are complementary

  • Document Status Access decides which documents a user can see or work with
  • Document Action Access decides what the user can do with those documents

A user must satisfy both rules to perform an action.

Document Action Access controls what actions a role can perform on a document, while Document Status Access controls which document lifecycle states a role can access or view. Together, they provide fine-grained control over document processing in iDempiere, ensuring that every document moves through its lifecycle securely, consistently, and according to organizational rules.

Leave a Reply

Your email address will not be published. Required fields are marked *