Go to Home> Tenant Control Panel> Roles Setup and click on Roles add button as shown below:


Roles will help you in setting up your organizational hierarchy department wise. For example:



By default, system will have two roles and its mappings under Roles Hierarchy

  1. Default Tenant Role
  2. Default User Role


The Default Tenant Role is a role which grant full access to all parts of the application (based to their subscriptions – Start Up, Standard, Enterprise). This role will be assigned automatically to the user who signed up with OnCloudERP (The First user). The first user will act as Tenant Administrator)


The Default User Role is a role which grant limited access to the application. This role will be assigned automatically while creating a new user. We will discuss about the available limited permissions of Default User Role separately.


Apart from these two roles, we can create any number of roles.


Let us take your scenario and make it now


  1. Create New Role – Hover on the Roles Hierarchy and click on Add button
  2. Input the name of the new role  (Note: Here, the View Option –  View All User Records shall be selected to see the Transactions made by all the sub-ordinates and also their own transactions)
  3. New Role created
  4. Add another role named Administrative Manager under the General Manager (The Add | Edit | Delete buttons will be visible when Hover on the role name)
  5. Add more roles named Sales Manager, Production Manager under General Manager (Note: Here, the View Option –  View All User Records shall be selected to see the Sales Transactions made by all the sub-ordinates and also their own transactions)
  6. Now we have created Level 1 and Level 2 roles 
  7. With reference to the point 5, Another View option – View Only Own / Subordinate Records for Sales Manager role is described as followsThis option helps prevent viewing the transactions made by other roles (Users). i.e., the Sales Manager cannot see the transactions/records made by the General Manager, Administrative Manager (and his/her sub-ordinates) or Production Manager (and his/her sub-ordinates).
    This can be classified as three:
     
    1. Apply On Transactions
      1. When Enabled, the user cannot view the transactions made by others (For example: Sales Order, Purchase Order made by others cannot be viewed)
      2. When Disabled, the user can view the transactions made by others
      3. By default, it is Disabled. Recommended option is to keep Enabled.
    2. Apply On Masters / Setup
      1. When Enabled, the user cannot view the transactions made by others (For example: Items, Customers, Vendors, Unit Of Measurement, etc… made by others cannot be viewed)
      2. When Disabled, the user can view the master records made by others
      3. By default, it is Disabled. Recommended option is to keep Disabled. Because, Masters records are used to refer to all the transactions. For example, Items, Customers, etc.. will be used in Orders, Invoices department wise (Sales department, Purchase department, Accounts department) etc…
    3. Apply On Statements / Reports
      1. When Enabled, the user cannot view the transactions made by others (For example: Sales Order Trend, Sales Invoice Trend, Sales Item History, Item wise last purchase rate, Production Order list, Payment Trend, Receipt Trend, etc… made by others cannot be viewed)
      2. When Disabled, the user can view the master records made by others
      3. By default, it is Disabled. Recommended option is to keep Enabled.
  8. Next level of Roles Hierarchy (Level 3). Let us take Sales Manager Role to describe them
  9. Record base permission using View option – View Only Own / Subordinate Records

    Here the role Sales Man and Invoicer is restricted to view records that belong their senior level or the role which is equivalent to them.

    Here the role Sales Man is restricted to view records that belong their senior level or the role which is equivalent to them.


    i.e., Sales Man and Invoicer cannot view the Sales Orders made by Sales Man and its senior role. Also Sales Man cannot view the Sales Orders made by Sales Man and Invoicer and its senior role.

    But the Sale Manager has all the permissions to view / edit / delete the transactions/records made by his/her sub-ordinates

    Finally, the General Manager has over all controlling of the all the role levels, being this as the top level in the hierarchy.