Each user is assigned a role that controls what a user can do in the system.
Each Role is a group of privileges
Privileges are nothing but a group of individual activities for the different documents. For example, creating a purchase order is an activity.
Roles
Roles can be managed under Configurations -> Manage Roles
To view privileges assigned to a role, or to change anything on any role, click on the edit icon. That would bring up the following screen
Privileges
To manage privileges click on Configurations -> Manage Privileges
To edit a privilege, click on the edit icon.
To create a new privilege, click on the “Add Privilege” button, which would bring up the following screen:
Some of the common privileges are:
Full: A user with full access can do everything for that object. For example, a user with Full Access for Order can do any of the following listed activities.
Create: A user with a Create activity can create a document.
Update: A user with an Update activity can update a document.
Destroy: A user with a Destroy activity can delete a document.
View: A user with a view activity can view a document that is created by them.
View all: A user with a View all activity can view all documents irrespective of who created the document.