Difference between revisions of "Access rights"

From Protemos Wiki
Jump to: navigation, search
(1.35)
(Settings)
 
(80 intermediate revisions by 5 users not shown)
Line 1: Line 1:
''User groups page: [http://cloud.protemos.com/user-group/index/ http://cloud.protemos.com/user-group/index]''
+
__FORCETOC__
 +
''Roles and access rights: [https://cloud.protemos.com/user/roles cloud.protemos.com/user/roles]''
 
----
 
----
Go to '''System => User groups''':
 
  
[[File:SM User groups.jpg|border|170px]]
+
<span style="color:red">Some of the features described below will be available with the forthcoming system release.</span>
  
Use this menu screen to see access rights for various user groups.
+
Go to '''Settings ⇾ Access control ⇾ Roles '''.
  
[[File:user groups system permissions n.jpg|border|640px]]
+
[[File:Settings - access control - roles.png|border|300px]]
  
- '''Project Managers''': may see only own projects, do not have access to finances, reports, and system menus.
+
=='''Access rights for managers'''==
  
- '''Account Managers''': may see all projects and finances, but cannot see reports and system menus.
+
This table shows the levels of access rights in the system and the permissions that are associated with each level. Using the data from it, you may define a certain level of access rights for your managers according to your needs:
  
- '''Administrators''': may see and modify everything but cannot change the company account owner.
+
[[File:Role-based access control.1.png|border|1200px]]
  
So, if you want more rights to your '''PMs''', select the '''Account Manager''' role for them.
+
To put it shortly, it means the following:
  
==1.35==
+
*'''Owner''' — the only person who can delete the account. Has full Administrator rights
  
Go to '''System => User groups''':
+
*'''Administrator''' — has full access to everything.
  
[[File:SM User groups.jpg|border|170px]]
 
  
Use this menu screen to see access rights for various user groups.
+
*'''Project and finance manager''' — has access to everything, but cannot add managers and change system settings.
  
[[File:User groups final.jpg|border|1000px]]
+
*'''Project and client finance manager''' — the same as “Project and finance manager”, but without access to vendor payables, invoices, payments, and payment methods.
  
* '''Administrator''': may see and modify everything but cannot change the company account owner.
+
*'''Project and vendor finance manager''' — the same “Project and finance manager”, but without access to client receivables, invoices, and payments.    
  
* '''Senior project and finance manager''': may see all quotes, projects, jobs, clients, vendors, and finances but does not have access to reports and system menus.
+
*'''Project manager''' — a manager without access to client receivables, vendor payables, payment methods, their invoices and payments.
  
* '''Senior project manager''': may see all quotes, projects, jobs, clients, vendors, prices, and finances (except for invoices and payments) but does not have access reports and system menus. 
 
  
* '''Project manager''': may see only their own quotes, projects, jobs and those where they are assigned as a secondary manager. They can also see clients, vendors, prices, and finances (except for receivables and payables of other managers, invoices, and payments. Do not have access to reports and system menus.
+
*'''Sales manager''' — a manager who can create quotes and projects but cannot access jobs as well as job tenders. This role also does not allow to access vendor profiles and all vendor-related finances.
  
* '''Finance manager''': has access only to finances menu.
+
*'''Accountant''' — this role lets the user create invoices based on payables and receivables entered by project managers, and also enter payments from clients and to vendors. The accountant cannot create or edit projects or assign jobs to vendors.
  
* '''Vendor manager''': has access only to vendors and vendor prices menus.
+
*'''Client and vendor manager''' — can enter clients and vendors and their prices into the database.
 +
 
 +
*'''Client manager''' — can enter clients and their prices into the database.
 +
 
 +
*'''Vendor manager''' — can enter vendors and their prices into the database.
 +
 
 +
*'''To-do employee''' — this role allows the user to create to-dos and access to-dos assigned to them.
 +
 
 +
=='''Access rights to reports and settings'''==
 +
 
 +
==='''Reports'''===
 +
 
 +
Each manager can view reports that are only relevant to their role permissions.
 +
 
 +
For instance, the “Project and client finance manager” role allows viewing financial reports related to clients, but does not allow viewing similar vendor-related reports.
 +
 
 +
Consequently, a manager with such a role will also not be able to see the reports on language pairs, services, specializations, etc., because they also consist of amounts paid to vendors.
 +
 
 +
<span style="color:orange">'''Note:'''</span> Only the “Administrator” role allows viewing all the reports.
 +
 
 +
==='''Settings'''===
 +
 
 +
The same logic applies to viewing settings: Each role (except “Administrator”) allows accessing certain account settings sections in the view-only mode in accordance with the roles’ permissions.
 +
 
 +
For instance, a manager with the “Project manager” role does not have access to such account settings as '''Payment methods''', '''Taxes''', '''CAT log conversion schemes''', '''Email templates''', etc., because this role does not include permissions to use corresponding features.
 +
 
 +
Please note that all the roles allow viewing the '''System values''' section.
 +
 
 +
<span style="color:orange">'''Note:'''</span> Only the "Administrator" role allows not only viewing, but also editing all the settings.
 +
 
 +
=='''Access rights for clients and vendors'''==
 +
 
 +
[[File:Clients and vendors table.png|border|1200px]]
 +
 
 +
=='''Client pools'''==
 +
 
 +
By default, managers can access all the client profiles and other client-related objects according to their role but you can limit the access of your managers to specific clients according to your needs.
 +
To do so, you can create and assign a client pool to certain managers. For more info, please check the <U>[[Client pools|'''Client pools''']]</U> page.

Latest revision as of 13:49, 23 October 2025

Roles and access rights: cloud.protemos.com/user/roles

Some of the features described below will be available with the forthcoming system release.

Go to Settings ⇾ Access control ⇾ Roles .

Settings - access control - roles.png

Access rights for managers

This table shows the levels of access rights in the system and the permissions that are associated with each level. Using the data from it, you may define a certain level of access rights for your managers according to your needs:

Role-based access control.1.png

To put it shortly, it means the following:

  • Owner — the only person who can delete the account. Has full Administrator rights
  • Administrator — has full access to everything.


  • Project and finance manager — has access to everything, but cannot add managers and change system settings.
  • Project and client finance manager — the same as “Project and finance manager”, but without access to vendor payables, invoices, payments, and payment methods.
  • Project and vendor finance manager — the same “Project and finance manager”, but without access to client receivables, invoices, and payments.
  • Project manager — a manager without access to client receivables, vendor payables, payment methods, their invoices and payments.


  • Sales manager — a manager who can create quotes and projects but cannot access jobs as well as job tenders. This role also does not allow to access vendor profiles and all vendor-related finances.
  • Accountant — this role lets the user create invoices based on payables and receivables entered by project managers, and also enter payments from clients and to vendors. The accountant cannot create or edit projects or assign jobs to vendors.
  • Client and vendor manager — can enter clients and vendors and their prices into the database.
  • Client manager — can enter clients and their prices into the database.
  • Vendor manager — can enter vendors and their prices into the database.
  • To-do employee — this role allows the user to create to-dos and access to-dos assigned to them.

Access rights to reports and settings

Reports

Each manager can view reports that are only relevant to their role permissions.

For instance, the “Project and client finance manager” role allows viewing financial reports related to clients, but does not allow viewing similar vendor-related reports.

Consequently, a manager with such a role will also not be able to see the reports on language pairs, services, specializations, etc., because they also consist of amounts paid to vendors.

Note: Only the “Administrator” role allows viewing all the reports.

Settings

The same logic applies to viewing settings: Each role (except “Administrator”) allows accessing certain account settings sections in the view-only mode in accordance with the roles’ permissions.

For instance, a manager with the “Project manager” role does not have access to such account settings as Payment methods, Taxes, CAT log conversion schemes, Email templates, etc., because this role does not include permissions to use corresponding features.

Please note that all the roles allow viewing the System values section.

Note: Only the "Administrator" role allows not only viewing, but also editing all the settings.

Access rights for clients and vendors

Clients and vendors table.png

Client pools

By default, managers can access all the client profiles and other client-related objects according to their role but you can limit the access of your managers to specific clients according to your needs. To do so, you can create and assign a client pool to certain managers. For more info, please check the Client pools page.

Retrieved from "https://wiki.protemos.com/index.php?title=Access_rights&oldid=25224"