Roles and permissions functionality can be used to separate areas of responsibility for company employees.
What is it?
A role is a set of certain capabilities that arise from the configuration of combinations of access rights. Its purpose is to simplify the management and control of actions that users can perform in the Space.
Permissions - determine the scope of interaction with certain system tools. Their purpose is to grant permission or prohibit users of a certain role from working with specific elements of the Space.
How to go to roles and permissions settings?
To do this, select Roles and permissions in the Settings section.
💡 It is available only to the administrator and Space owner.
A page will open where you can manage roles and permission parameters.
Management of roles and permissions
The number of roles depends on the plan ⬇️
There are 5 predefined roles on commercial plans. Namely:
Employee
Head
Head of the sales department
Manager of the sales department
HR
In addition, you can create your own roles. Using the Professional plan - an unlimited number, the Standard plan - 1.
And for the Free plan, work with two predefined roles Employee and Manager is provided.
How to create a new role and configure permissions?
To do this, click on the New role button. The creation window will open.
Name a role and go to the most important - setting permissions.
When creating a new role, you can grant permissions to interact with CRM entities and tools, namely leads, deals, contacts, companies, activities, and call log (coming soon).
Configure whether the employee to whom the role will be assigned can create, view, edit or delete elements of these entities (tools).
To do this, deny (1) or allow (3) to interact with all entity elements. Or set up limited access (2), which means that the employee can only work with the elements for which they are responsible.
If necessary, you can Allow everything or Deny everything with one button. This will mean that users of this role will either have full access to all elements or will not be able to interact with any entities at all.
Preventing of conflicts between rights
Preventing of conflicts between rights
When creating a new role, you may notice that for some actions it is not possible to deny or grant permission.
This is done to prevent conflicts between rights. So, for example, if the viewing ban is set for the leads, then the system will not give an opportunity to grant editing permission.
Therefore, when we allow viewing of leads (yours or all), it will be possible to switch access to their editing (yours or all).
And after providing editing access, the system will allow you to mark variations for deleting leads.
When all permissions are configured, click the Save button.
The newly created role will be displayed in the list at once.
How to edit an existing role?
To do this, select the role you need to make changes and click on the appropriate button.
Next, edit the name or permissions and click Save.
The system will ask for confirmation of the changes made.
💡 If in the process of editing a role, changes were made to permissions, then all users assigned to this role MUST re-authorize in the system.
How to assign a role to employees?
If the role has not yet been assigned to any employee, then simply click on the Assign button.
And if the role has already been assigned to certain employees, but you want to add new ones, then click show all.
A window will open, where in the list of employees, check those who should receive this role. You can also use the search bar to quickly find the colleagues you need. Finally, don't forget to click the Save changes button.
Alternatively, you can use the list of role users at the bottom of the page. First, mark the required employee.
And then click on the icon - assign a role and select the desired one.
The system will ask for confirmation of actions.
Regardless of which method you use, the result will show how many employees have been assigned the role.
If you want to view all users with a certain role, click on the button show in the table.
As a result, this list of employees is filtered in the list at the bottom of the page.
💡Please note that one employee can be assigned several roles at the same time. In this case, permissions will be combined.
If for one role 1 permission to interact with leads is provided and it is prohibited to interact with deals, and for role 2 the opposite is true, then the user to whom they are assigned will have the opportunity to work with both leads and deals at the same time.
In addition, when a user is assigned a new role, he/she MUST re-authorize the system in order for the role's permissions to take effect.
How to delete an employee from a role?
To do this, select the role from which you plan to delete the employee and click show all.
Next, uncheck the user and click Save changes.
💡 When a user is deleted from a role, they MUST re-authorize the system so that the permissions provided by the role cease to apply.
Peculiarities of deleting from a role
Peculiarities of deleting from a role
❗️Pay attention
If a user has only one role in the Space, when deleted from it, the Employee role will be automatically assigned to him/her.
If the user in the Space has only the Employee role, it will not be able to delete him/her from it. You will first need to assign him/her another role and only then go back to deleting him/her from the Employee role.
❗️Employee role is the default role. But it can be edited. And maybe in the process of working in Space, you will rename this role. For example, name it not Employee, but Basic access.
When deleting employees from this role (as in the situations described above), you will see a warning in the system notification, where the name you specified will be used.
How to delete a role?
To do this, select the appropriate item in the role interaction menu.
Next, specify one of the existing roles that will be assigned to employees of the role you want to delete.
And click Save.
If none of the employees is already assigned to the role, then it is deleted without additional actions.
❗️Please note that it is NOT possible to delete the predefined roles Employee and Head. There is no item in their interaction menu.
Other predefined roles can be deleted using the usual scenario.
Peculiarities of permissions and role capabilities
In all predefined and user roles, the system provides a certain scheme of permissions to tasks. It cannot be configured or changed. Some features are based on this.
In all predefined roles, access is provided only to "your" tasks.
Only the Head role does not fall under this rule. An employee assigned to this role can see all tasks in the Space, but edit or delete only "his/her". Only those in which he/she is the task creator.
2. All newly created user roles have the same task access logic. You can only work with "your own".The interaction with the task is determined only by the role of the user in the task itself (task creator, person responsible, participant, observer), and not by the role from the general functionality of roles and rights in the Space.
3. Due to the first peculiarity, the Head role cannot be duplicated. There is no such item in the interaction menu.
And for all other predefined and created roles, this can be done.
As a result, a role marked Copy will be created. It will provide similar permissions, but the employees will not be transferred to the duplicate.
If you have additional questions or you need to contact the support, send a request to this email [email protected]