It seems impossible to do provide read only access permissions like view products or documents or use doc Templates or many other areas without providing "serious system level" change (write/delete) access to payment settings. There is simply a lack of read /view only options on many of the permissions. How can this be HIPPA or GDPR compliant with this level of access, control and auditing. Also when we delete a document the audit logs shows it was done from Proposals not a distinct user.