System permissions are the primary way of defining user access to information, functionality and activities in the system.
Conventionally, rights can be divided into two types:
- royalty rights
- consumer rights
Role rights
Setting up roles is one of the initial steps in implementing the system because they are one of the important elements for setting up user permissions. The roles in Prim.IO are synonymous with the positions in the company. Users are placed in Roles and this controls much of the access rights to the menus and functionality of the system.
Placing users in Roles allows you to work not with a specific user, but with a whole group of users. So, when you have already set up role permissions and you need to change an employee, for example, all you need to do is specify which roles the new employee will be involved in.
To better understand what roles are used for, I’ll give you an example. Consider the role of a sales consultant. All users in it should be able to create sales and financial documents and see the corresponding menus for these operations. But will they need the whole menu of finance? Wouldn’t they also need some of the interfaces in warehouse and logistics to track store availability?
All rights on whether or not to see a menu or menu item are determined by role. Separately, depending on the permissions of the Role, it determines what operations a user will be able to create, view, edit, delete and cancel. That is, if sales consultants need to be able to create transactions, you should also give them the necessary permissions for a Sales document, for example.
However, the objects in the transactions themselves – for example, the office in the invoice, the POS in the sale, the account in the payment… These are rights by specific users. That is, by role you define what the group of people will be able to see, create, modify, delete or cancel, and by user you define which object will perform the operations and all actions on them.
In each file in the system – per document, item/service, as well as in the contractors there are several tabs with additional information. This includes related transactions, accounting entries, attachments and other data in the documents, in the item/service includes inventory, moves, sales, orders, etc. As far as the tabs in the contractor’s file are concerned, there are many data about the contractor himself, contacts, contracts, sales information, financial documents, payments and much more. Rights on who gets to see what in the files are also determined by roles.
Rights by users
User rights determine who will have access to certain objects in the system, and this includes the rights of the responsible person. Personal entitlements are indicated by accounts, cash registers, warehouses, POS. There are usually three types of object rights – being able to see, being able to work, and in the case of crates and warehouses being able to move, and being a MOL.
If you give a user the right to only see an office, for example, he will be able to see the financial documents issued by it, but he will not be able to issue any. Paperwork from the office is managed by the right to be able to work.
The rights of material handlers control the removal and entry of items into the warehouse, as well as the entry of receipts and disbursements into the account/cash register.
Rights Management Interface
Anywhere in the system where you see such buttons in the system – you should know that it is about rights. Usually, when you hover over the specific icon for a right, you will see its exact definition. Granting and removing permissions is done by placing and removing checkers on all interfaces.