document.*) are dynamic — they are generated at runtime from the job_file_types database table. Each document type has a permission_key column, and the system appends .upload, .read, or .delete to build the final permission key.
When a new document type is created in Settings → Documents, a new set of three permissions is automatically available for assignment. No code changes are required.
Permission Pattern
For each document type withpermission_key value document.{type}, three permissions are created:
| Suffix | Action | Checked By |
|---|---|---|
.upload | Upload a document of this type | DocumentPermissionHelper::canUpload() |
.read | View/download a document of this type | DocumentPermissionHelper::canRead() |
.delete | Delete a document of this type | DocumentPermissionHelper::canDelete() |
Current Document Types
The following document types are currently configured. All permissions below are active — they are checked at runtime when a user attempts to upload, view, or delete a document.| Document Type | Upload Key | Read Key | Delete Key |
|---|---|---|---|
| Go Ahead Instruction | document.go_ahead_instruction.upload | document.go_ahead_instruction.read | document.go_ahead_instruction.delete |
| Purchase Order | document.purchase_order.upload | document.purchase_order.read | document.purchase_order.delete |
| Works Order | document.works_order.upload | document.works_order.read | document.works_order.delete |
| EICR Certificate | document.eicr_certificate.upload | document.eicr_certificate.read | document.eicr_certificate.delete |
| PAT Test Certificate | document.pat_test_certificate.upload | document.pat_test_certificate.read | document.pat_test_certificate.delete |
| LRA Certificate | document.lra_certificate.upload | document.lra_certificate.read | document.lra_certificate.delete |
| GSC Certificate | document.gsc_certificate.upload | document.gsc_certificate.read | document.gsc_certificate.delete |
| Warning Notice | document.warning_notice.upload | document.warning_notice.read | document.warning_notice.delete |
| Floor Plan | document.floor_plan.upload | document.floor_plan.read | document.floor_plan.delete |
| Deposit Invoice | document.deposit_invoice.upload | document.deposit_invoice.read | document.deposit_invoice.delete |
| Invoice | document.invoice.upload | document.invoice.read | document.invoice.delete |
| Quote | document.quote.upload | document.quote.read | document.quote.delete |
| Cleaning Requirements | document.cleaning_requirements.upload | document.cleaning_requirements.read | document.cleaning_requirements.delete |
| Energy Performance Certificate | document.energy_performance_certificate.upload | document.energy_performance_certificate.read | document.energy_performance_certificate.delete |
| Contractors Quote | document.contractors_quote.upload | document.contractors_quote.read | document.contractors_quote.delete |
Total: 45 permissions (15 document types × 3 actions each)
Adding New Document Types
When a new document type is created via Settings → Documents:- A row is inserted into
job_file_typeswith apermission_key(e.g.document.gas_safety_record) - Three new permissions become immediately available:
.upload,.read,.delete - Assign the new permissions to the appropriate roles via Settings → Staff Permissions
- No deployment or code change is needed — the system reads document types from the database at runtime