Each user is assigned a role that controls what a user can do in the system.

Each Role is a group of privileges

Privileges are nothing but a group of individual activities for the different documents. For example, creating a purchase order is an activity.

Roles

Roles can be managed under Configurations -> Manage Roles

To view privileges assigned to a role, or to change anything on any role, click on the edit icon. That would bring up the following screen

Privileges

To manage privileges click on Configurations -> Manage Privileges

To edit a privilege, click on the edit icon.

To create a new privilege, click on the “Add Privilege” button, which would bring up the following screen:

Some of the common privileges are:

Full: A user with full access can do everything for that object. For example, a user with Full Access for Order can do any of the following listed activities.

Create: A user with a Create activity can create a document.

Update: A user with an Update activity can update a document.

Destroy: A user with a Destroy activity can delete a document.

View: A user with a view activity can view a document that is created by them.

View all: A user with a View all activity can view all documents irrespective of who created the document.