RBAC Pro-Business Write Operations Matrix

Environment: staging | Generated: 2569-03-26 16:33:26 | 9 roles | 19 write endpoints | Package: Pro-Business
Total Checks
171
Match
102
Mismatch
69
Roles
9
Write EndpointowneraccountantacctFirmsalesManagerseniorSalessalesAdminsalesPurchasehrManagercashier
POSTContacts: POST create✓ Allow
HTTP 200
Invalid Contact Group		✓ Allow
HTTP 200
Invalid Contact Group		✓ Allow
HTTP 200
Invalid Contact Group		✓ Allow
HTTP 200
Invalid Contact Group		✓ Allow
HTTP 200
Invalid Contact Group		✓ Allow
HTTP 200
Invalid Contact Group		✓ Allow
HTTP 200
Invalid Contact Group		⚠ exp:Deny got:Allow
HTTP 200
Permission denied.		⚠ exp:Deny got:Allow
HTTP 200
Permission denied.
POSTDoc:Quotation: POST create✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null
POSTDoc:Quotation: POST search✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200
POSTDoc:TaxInvoice: POST create✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null
POSTDoc:TaxInvoice: POST search✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200
POSTDoc:Receipt: POST create✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null
POSTDoc:Receipt: POST search✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200
POSTDoc:CashInvoice: POST create✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null
POSTDoc:CashInvoice: POST search✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200
POSTDoc:CreditNote: POST create✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null
POSTDoc:CreditNote: POST search✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200
POSTDoc:DebitNote: POST create✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null
POSTDoc:DebitNote: POST search✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200
POSTDoc:PurchaseOrder: POST create✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null
POSTDoc:PurchaseOrder: POST search✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200
POSTDoc:Expense: POST create✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null
POSTDoc:Expense: POST search✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200
POSTDoc:BillingNote: POST create✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		✓ Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null		⚠ exp:Deny got:Allow
HTTP 200
Contact cannot be null
POSTDoc:BillingNote: POST search✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		✓ Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200		⚠ exp:Deny got:Allow
HTTP 200
✓ Allow (matches expected) ✗ Deny (matches expected) ⚠ Mismatch 404 Not Deployed
NOTE: HTTP 400/500 on POST with empty body = permission passed, payload validation failed → counted as Allow
Generated by RBAC Package Write Tests | FlowAccount .NET Workspace | 2569-03-26 16:33:26