Managing User Permissions Per Warehouse in Dolibarr: Is It Possible?
   05/06/2025 00:00:00     Dolibarr , Wiki Dolibarr    0 Comments
Managing User Permissions Per Warehouse in Dolibarr: Is It Possible?

Dolibarr ERP & CRM has become one of the most popular open-source management solutions for businesses of all sizes. Its modular architecture, ease of customization, and active community make it an attractive choice for companies looking to streamline business operations without incurring the cost and complexity of proprietary ERP systems. However, one of the more nuanced challenges that many Dolibarr users face relates to user permissions—specifically, whether it is possible to assign and control user access to warehouses individually.

In this article, we will explore this topic in great depth. We will review how Dolibarr manages user roles and permissions, how warehouse modules operate within Dolibarr, and to what extent fine-grained permission controls can be implemented. We will also consider possible workarounds and extensions, including community modules and custom development strategies. This comprehensive discussion aims to help Dolibarr administrators understand their options when it comes to securing and isolating warehouse data by user.

  1. Understanding Dolibarr's Permission Model

Dolibarr implements a role-based access control (RBAC) model. Administrators assign users to groups, and these groups are granted permissions to access specific modules and features within the system. Permissions can be applied at a granular level—for example, read-only access versus write access to customer data.

Permissions are configured from the user or group interface, and each module (Products, Invoices, Warehouse, etc.) provides its own set of permissions that can be toggled. However, Dolibarr’s permission model is largely designed around module-level access, rather than data-level access.

  1. How Warehouse Management Works in Dolibarr

Dolibarr includes a dedicated warehouse management module, which enables companies to manage multiple stock locations, perform stock transfers, and monitor inventory levels per warehouse. Key features of the warehouse module include:

  • Creation of multiple warehouses

  • Assignment of products to warehouses

  • Inventory tracking per warehouse

  • Stock movement logs and history

All users with access to the warehouse module can typically view all configured warehouses, unless custom permissions or filters are introduced.

  1. The Problem: Lack of Native Warehouse-Specific User Permissions

By default, Dolibarr does not support native user permissions per warehouse. This means:

  • A user with permission to access the warehouse module will see all warehouses

  • No out-of-the-box functionality restricts a user’s access to specific warehouses

  • This can lead to data exposure, especially in organizations with decentralized inventory management

This limitation is particularly challenging for businesses with multiple warehouse managers or regional teams who should only see and manage inventory relevant to their location.

  1. Why Warehouse-Specific Permissions Matter

There are several business scenarios where warehouse-specific user access is necessary:

  • Multi-location businesses: Employees in one region should not view stock in other regions

  • 3PL providers: Clients should only view their own stock or warehouse information

  • Security and compliance: Access to stock data may be regulated or sensitive

  • Operational efficiency: Reducing clutter in the UI by hiding irrelevant warehouses

These scenarios justify the need for tighter control over warehouse visibility.

  1. Exploring Workarounds Within Dolibarr Core

Despite the limitation, there are a few workarounds that can be employed within Dolibarr without requiring code customization:

  • Using Separate Users and Groups: Segment users by group and restrict their permissions broadly. However, this does not restrict warehouse visibility directly.

  • Custom Warehouse Naming: Prefix warehouse names with region or department to indicate ownership, but this only improves visibility—not security.

  • Reporting Filters: Train users to filter data views and reports manually to show only relevant warehouses.

These workarounds offer only partial solutions and do not provide true permission segregation.

  1. Using Dolibarr’s Multicompany Module as a Partial Solution

One workaround that offers stronger segregation is the Multicompany module. This module allows multiple companies or business units to coexist within the same Dolibarr instance. Each company can have its own users, third parties, and warehouses.

By setting up each warehouse under a different company in the Multicompany module, you can:

  • Isolate users to their respective companies

  • Assign users only to the warehouses of their company

  • Prevent cross-company visibility

Limitations of this method include:

  • Overhead in setting up and maintaining multiple companies

  • Complexity in consolidating reports across companies

  • Not ideal for businesses that need centralized warehouse management with restricted access

  1. Leveraging Community Modules and Extensions

Several third-party modules aim to enhance permissions in Dolibarr. Some of the more popular ones include:

  • Advanced Permissions Module: Allows more detailed control over records, including products and documents

  • Warehouse Extension Modules: Some modules extend the warehouse interface with tags or metadata that can be used to simulate access restrictions

  • Custom Hooks: Some developers introduce custom PHP hooks in warehouse views to hide or display data based on user ID

These modules are usually available through Dolistore, GitHub, or Dolibarr partners, and they vary in terms of maturity, support, and documentation.

  1. Developing Custom Solutions

For businesses with development resources or partners, creating a custom solution may be the most effective way to enforce warehouse-specific permissions. Custom development can include:

  • Extending the warehouse module to include user access tables

  • Filtering warehouse lists and stock reports based on user permissions

  • Introducing a middleware layer or API proxy that limits data exposure

Such customizations require an in-depth understanding of Dolibarr’s codebase and update lifecycle to maintain compatibility.

  1. Considerations for Custom Development

Before embarking on a custom solution, consider the following:

  • Upgrade compatibility: Custom code may need to be updated with each Dolibarr release

  • Performance: Filters and access checks may slow down warehouse views for large datasets

  • Maintenance: Ensure code is well-documented and maintainable by multiple developers

  • Security: Always sanitize inputs and enforce access checks at the data layer

Custom development adds power, but also complexity. It should be well justified and scoped.

  1. Future Possibilities and Community Input

There is increasing demand in the Dolibarr community for more flexible permissions. Feature requests related to warehouse-specific permissions have been submitted on GitHub and Dolibarr forums.

Possible future directions include:

  • Introducing per-warehouse permissions as part of the core module

  • Enhancing the Multicompany module to support shared data with filtered visibility

  • Enabling access control lists (ACLs) for stock and warehouse modules

If your organization needs this feature, consider contributing to the discussion or sponsoring development.

  1. Best Practices for Managing Warehouse Access

In the absence of native support, organizations should adopt the following best practices:

  • Educate users on manual filters and their role in data privacy

  • Use naming conventions to distinguish warehouses clearly

  • Segment responsibilities by workflow stage rather than warehouse

  • Log access and actions to monitor inappropriate usage

These steps won’t replace permission control but can reduce the risks and friction.

  1. Conclusion

While Dolibarr offers an extensive suite of features for warehouse management, it lacks native capabilities for assigning user permissions per warehouse. Businesses seeking this level of control must turn to workarounds, third-party modules, or custom development.

For some, the Multicompany module offers a path to segregate access. For others, the need for centralized control with localized permissions makes the case for tailored development or community module exploration.

Ultimately, the decision depends on your organizational structure, compliance requirements, and technical capabilities. Understanding the limitations and available options empowers Dolibarr administrators to make informed decisions and maintain a secure, efficient inventory management environment.

Comments

Log in or register to post comments