Permissions for Searches
You can use SuiteAnalytics Workbook to query your NetSuite data using the analytics data source, which offers advanced query capabilities. For more information about SuiteAnalytics Workbook and how you can recreate your existing saved searches to workbooks, see the following topics:
Your NetSuite account administrator assigns roles to users. For each role, the administrator sets up permissions to view and edit objects and to complete tasks, and defines access to searches for specific record types.
You have one or more assigned roles that you can use to log in to NetSuite. The permissions and search access associated with the role you use to log in determine the searches that you can run during a NetSuite session. For saved searches, your role's permissions and search access determine the record types for which you can create saved searches.
NetSuite includes four different types of permissions: Lists, Reports, Setup, and Transactions. Five Lists type permissions determine your ability to run, export, and email searches, and to create, run, export, email, and share saved searches:
-
Perform Search – This permission has two possible levels, View and Full. If you have View level for the Perform Search permission, you can run searches and saved searches, for record types to which you have access. If you have Full level for the Perform Search permission, you can run, create, and save searches, for record types to which you have access.
-
Publish Search – This permission has four possible levels, View, Create, Edit, and Full. If you have Create level or higher for the Publish Search permission, you can share saved searches with other users, and set up alert emails and scheduled emails of saved search results. The Audience, Roles, Email, and Execution Log subtabs are available on the saved search definition page.
-
Persist Search – This permission has only one possible level, Create. With this permission, a Persist (CSV) link becomes available for saved searches listed at Reports > Saved Searches > All Saved Searches. This permission enables you to extend the timeout for the saved searches you run to up to 3 hours and to save search results in a CSV file.
-
Export Lists – This permission has only one possible level, Create. With this permission, Export and Email buttons become available on your search and saved search results pages, which enables you to export and email both searches and saved searches, for record types you are allowed to access. This permission is activated only if you have at least the View level for the Perform Search permission.
-
Tableau® Workbooks Export – This permission has only one possible level, Create. With this permission, the Export to Tableau Workbook button becomes available on search and saved search results pages, enabling the export of search results as analysis-ready Tableau® workbooks, for record types you are allowed to access. The Export to Tableau button is available only for users who also have the Export Lists permission and at least the View level of the Perform Search permission.
Additionally:
-
The following Transactions type permission determines your ability to save a transaction search:
Find Transaction – This permission has four possible levels, View, Create, Edit, and Full. If you have Create level or higher for the Find Transaction permission, the Create Saved Search button is available for transaction searches. With the View level, you can run transaction searches but you cannot save them.
-
The following employee permissions determine your ability to create a search and perform a global search:
-
Perform Search
-
Employee Record
-
-
The following address permission determines your ability to search for all addresses:
Address List in Search – Without this permission, you can only access your own address records
If you do not see Email and Export buttons on your search and saved search results page, you may require a higher level of the Perform Search permission. This also applies if you experience difficulties running, exporting, or emailing searches, or creating, running, exporting, emailing, or viewing the log for saved searches. Contact your administrator to determine whether your assigned role, permissions, and search access require changes. For information about role permissions, see NetSuite Permissions Overview.
Another level of access control applies to saved searches created by other users. You can access a saved search created by another user if the search is public, or if you have been defined as an audience member, either by name or based on your assigned role, department, subsidiary, or group.
When you create or customize roles that require the capability to search for employees you need to make sure the Perform Search, Employees, and Employee Search permissions are included for the role.
Custom fields have an additional level of field-level security that applies to the use of custom fields in searches. Security for a custom field in searches can be defined as a Search/Reporting access level, on the custom field record. Access can be defined generally, and by role, department, or if you are using NetSuite OneWorld, subsidiary. Available access levels include Edit (can view and change the field), Run (can view the field in search and report results but cannot change it), and None (cannot view or change the field). For more information, see Restricting Access to Custom Fields.