Currently, you can only select user roles, which have either no access, or full access to certain areas.
It would be very useful if one can also determine the type of access they have. This could be:
edit/add (no delete)
It would be also useful if it would be possible to allow only deletion of entires they have created themselves, so if they add something by mistake they can delete it. However, they cannot delete information already in the system.
I believe for an accounting system, it is very crucial to be able to fine-tune and control access to the system.