Approval Workflow
Draft → Pending Approval → Approved. Who submits, who approves, and what gets locked.
Approval Workflow#
Most records in Neriyam — items, customers, suppliers, purchase requisitions, purchase orders, sales orders — go through a short approval workflow before they can be used in live transactions.
The workflow is intentionally simple: two roles, four steps.
The four steps#
Draft → Pending Approval → Approved
↑ │
│ └──────→ Rejected (goes back to the creator)
│
└── Recall (only from Pending)
- Draft — the creator is still working on the record
- Pending Approval — the creator has submitted it for review
- Approved — an approver has reviewed and approved it
- Rejected — the approver sent it back with a reason; the creator can edit and resubmit
The two roles#
Every record type in the workflow has two permissions:
- Manage permission — can create, edit, delete drafts, submit for approval, and recall pending records
- Approve permission — can approve or reject pending records
These are separate permissions so an approver can review work they did not create — the classic maker/checker control.
Example: sales orders#
SALES.MANAGE_SALES_ORDER— create, edit, submit, recall, deleteSALES.APPROVE_SALES_ORDER— approve or reject
A single user can hold both permissions and approve their own work, but in most organizations these are split across two people.
Step-by-step#
1. Draft#
- Creator opens the new-record form, fills it in, and clicks Save
- The record lands in
Draftstatus - It is fully editable
- It can be deleted
Fields like a document code are not yet assigned at this point for transactional documents — the record shows a temporary "Draft Ref" placeholder instead. See Document numbering.
2. Submit for approval#
- Creator clicks Submit for Approval (usually from the row menu on a list, or the top of a detail page)
- The record moves to
Pending Approval - The record becomes read-only — no one can edit it while it is pending
- Depending on document numbering rules, the real code may be assigned now (replacing the draft ref)
If the record fails validation on submit — for example, a required field is empty or a tax code is missing — Neriyam shows the errors inline and the status stays in Draft.
3a. Approve#
- An approver (someone with the approve permission) reviews the pending record
- They click Approve
- The record moves to
Approved - It can now be used downstream (PO against a PR, GRN against a PO, etc.)
Once a record is Approved, most fields become read-only. For example, on an approved sales order you cannot change the customer, the line quantities, or the tax rates. You can still change things that do not affect the commercials, like notes or attachments.
3b. Reject#
- The approver clicks Reject
- They must enter a reason
- The record moves to
Rejected - It returns to the creator who can edit it and resubmit, or delete it
4. Recall (optional)#
- While a record is
Pending Approval, the creator (or anyone with manage permission) can click Recall - The record moves back to
Draftwithout being approved or rejected - This is useful when you realise you submitted too early and need to fix something
After approval#
Cancel#
Approved records can be cancelled (not deleted). Cancelled records stay in the database with status CN — you can still view them, but they cannot be acted on.
Mark as Sent (POs only)#
After approval, purchase orders can be marked as Sent — meaning the document has been formally communicated to the supplier. This is a separate step from approval because internal approval and external send-out are different events.
Editing an approved record#
Most fields are locked once a record is Approved. To make a change, you typically have two options:
- Cancel and recreate — cancel the approved record and create a new one
- Edit side-car data — a few non-commercial fields (remarks, attachments, contacts) may still be editable
For master data (items, customers, suppliers), a subset of fields stays editable even after approval — see the module-specific docs.
What requires approval?#
Whether the approval workflow applies depends on toggles in Settings › System Settings:
- Item requires approval — on/off
- Customer requires approval — on/off
- Supplier requires approval — on/off
Transactional documents (PR, PO, SO) always go through the workflow — there is no toggle to skip it.
For small teams where the same person creates and approves everything, keep the approval toggles on but make sure at least one user has both the manage and approve permissions. They can still create, submit, and approve in three quick clicks.
Permission matrix#
| Document | Manage permission | Approve permission |
|---|---|---|
| Items | INVENTORY.MANAGE_ITEMS | INVENTORY.APPROVE_ITEMS |
| Customers | SALES.MANAGE_CUSTOMERS | SALES.APPROVE_CUSTOMERS |
| Suppliers | PURCHASE.MANAGE_SUPPLIERS | PURCHASE.APPROVE_SUPPLIERS |
| Purchase Requisitions | PURCHASE.MANAGE_PURCHASE_REQUISITIONS | PURCHASE.APPROVE_PURCHASE_REQUISITIONS |
| Purchase Orders | PURCHASE.MANAGE_PURCHASE_ORDER | PURCHASE.APPROVE_PURCHASE_ORDER |
| Sales Orders | SALES.MANAGE_SALES_ORDER | SALES.APPROVE_SALES_ORDER |
Delete permission escalation#
For customers and suppliers, the delete permission depends on the record's current status:
- Draft / Pending / Rejected → requires the Manage permission for the role (e.g.,
SALES.MANAGE_CUSTOMERS). - Approved → requires the Approve permission (e.g.,
SALES.APPROVE_CUSTOMERS). The stronger permission gates removing an approved record, since approval is a deliberate sign-off and undoing it carries more weight.
A user with only the Manage permission can delete drafts but cannot delete approved customers or suppliers — they get a 403 Forbidden from the API.
Related#
- Lifecycle and fulfillment status — where approval fits in the bigger picture
- Document numbering — when real codes are assigned vs. draft refs
Last updated