View Employee Menu Permission – Smart Access Without Visibility
? Problem Statement
Section titled “? Problem Statement”In many systems, users need full access to employee data in the background (for tasks, invoices, assignments, reports, etc.), but should not be able to browse or view other employees directly through the Employee menu.
Showing the Employee menu can allow users to:
- View other employees’ profiles
- Check confidential or unrelated information
- Explore areas beyond their responsibility
This creates privacy and access-control concerns.
? Solution: “View Employee Menu” Permission
Section titled “? Solution: “View Employee Menu” Permission”The View Employee Menu Permission allows administrators to separate data access from UI visibility.
? Key Concept
Section titled “? Key Concept”✅ Give users full employee data access where required
❌ Hide the Employee menu from the navigation
This ensures users can:
- Select employees in tasks
- Assign users in invoices
- Reference employees in workflows
…without being able to open and browse the Employee module.
⚙️ How It Works
Section titled “⚙️ How It Works”1️⃣ Permission Setting: View Employee Menu
Section titled “1️⃣ Permission Setting: View Employee Menu”- Enabled → Employee menu is visible
- Disabled → Employee menu is hidden
2️⃣ Data Access Still Works
Section titled “2️⃣ Data Access Still Works”Even when the menu is hidden:
- Employee dropdowns still load data
- Auto-complete search still works
- Linked modules (Tasks, Invoices, Reports) function normally
This is achieved through backend permission checks, not UI restrictions alone.
?️ Why This Approach Is Important
Section titled “?️ Why This Approach Is Important”✅ Better Privacy Control
Section titled “✅ Better Privacy Control”Users cannot manually explore other employees’ details.
✅ Clean & Focused UI
Section titled “✅ Clean & Focused UI”Reduces clutter by showing only relevant menus.
✅ Flexible Role Management
Section titled “✅ Flexible Role Management”One permission controls menu visibility, not core functionality.
✅ Security Without Breaking Workflows
Section titled “✅ Security Without Breaking Workflows”Users continue working without interruptions or limitations.
? Example Use Case
Section titled “? Example Use Case”-
A non-HR user needs to:
- Assign tasks to team members
- Select employees in invoices
-
But should not:
- Open the Employee directory
- View profiles, documents, or personal details
✅ Disable View Employee Menu
✅ Keep employee selection enabled in other modules
? Best Practice Recommendation
Section titled “? Best Practice Recommendation”- Use menu visibility permissions separately from data access permissions
- Restrict Employee menu access to:
document.querySelectorAll(‘.portal-attachment-thumbnail-img’).forEach(function(img) {
img.addEventListener(‘error’, function () {
attachment_error_image(this);
});
});
const attachment_error_image = (attachment) => {
const parentElement = attachment.parentElement;
const defaultIcon = <span class="icon-file-empty"></span><span class="fw-attachment-ext">${escapeHtml(attachment.dataset.extension)}</span>;
parentElement.innerHTML = defaultIcon;
};