Document-related permissions control the entire lifecycle of:

• Quotes
• Invoices
• Letters

These capabilities determine who can:

• View documents
• Create and edit them
• Send them
• Cancel them
• Mark invoices as paid
• Unlock locked records
• Delete them

Understanding this hierarchy is essential for safe delegation.

👁 View vs Manage Documents

view_documents

Allows a user to:

• Access the File Archive
• View document details
• Open preview screens

They cannot edit or issue documents.

manage_documents ≥ view_documents

Allows a user to:

• Create new documents
• Edit draft documents
• Modify unsent documents
• Update line items and details

Without view_documents, management would not function — this hierarchy is enforced.

📝 Issuing Documents

issue_quotes_invoices ≥ manage_documents

Allows a user to:

• Send quotes
• Send invoices
• Generate official document references
• Trigger document locking events

Issuing a document is a financial action.

This permission should be restricted to trusted roles.

💰 Marking Invoices as Paid

mark_invoices_paid ≥ issue_quotes_invoices

Allows a user to:

• Mark invoices as paid
• Trigger automatic financial locking
• Update revenue metrics
• Affect reports and financial dashboards

Marking an invoice as paid changes financial state.

This should not be granted lightly.

❌ Cancelling Documents

cancel_documents ≥ manage_documents

Allows a user to:

• Cancel issued quotes
• Cancel invoices
• Preserve audit trail while stopping document validity

Cancelled documents remain recorded but are flagged as void.

🔓 Unlocking Documents

JiffyTrade uses a double-lock system:

• Manual lock
• Automatic system lock (send, convert, paid, reminder)

Unlocking is split into two permissions:

unlock_documents ≥ manage_documents

Allows unlocking of general locked documents.

unlock_financial_documents ≥ unlock_documents

Allows unlocking of financially sensitive documents, including:

• Sent invoices
• Paid invoices
• Converted quotes

This is a higher-risk permission.

Best practice: restrict to managers or Plugin Super Administrators.

🔔 Sending Reminders

send_reminders ≥ view_documents

Allows a user to:

• Send reminder emails
• Trigger reminder state change
• Update invoice status indicators

Reminders affect customer communications but do not alter financial totals.

🗑 Trash vs Permanent Deletion

Document deletion is separated into stages.

trash_documents

Allows a user to:

• Move documents to Trash
• Remove from active archive

Documents remain recoverable.

restore_trashed_documents ≥ trash_documents

Allows:

• Recovering documents from Trash
• Restoring to active state

delete_documents_permanently ≥ trash_documents

delete_documents_permanently ≥ restore_trashed_documents

Allows:

• Permanent removal from system
• Irreversible deletion

System safeguards apply:

• Quotes with linked invoices cannot be permanently deleted.
• Financial locking rules still apply.

🔐 How Locking & Permissions Work Together

Even if a user can manage documents:

They may not be able to edit a locked document.

Unlock permission is required.

This separation ensures:

• Staff can draft documents
• Managers control financial integrity
• Sensitive edits require deliberate authority

🎯 Recommended Document Permission Setup

For most teams:

• Staff → View + Manage + Issue
• Managers → Cancel + Unlock
• Finance → Mark Paid
• Owner → Permanent Delete + Financial Unlock

This prevents:

• Accidental revenue manipulation
• Audit trail corruption
• Unauthorised deletion

🧠 Key Principle

Visibility does not equal authority.

Editing does not equal issuing.

Issuing does not equal marking paid.

Each stage of the document lifecycle is intentionally separated.

This protects your business records.