Effective permissions for a user
Related information
Related topics
Permissions enable users to perform a particular function or task within a specific area of the product. Effective permissions are derived from the combination of a user's type, a user's admin privileges, and whether or not they are operating in a role-based or user-based company.
Permission consideration
Effective permissions are determined differently in user-based and role-based companies. Effective permissions are determined after taking into account all the permissions assigned to a user by their user type, roles, and admin privileges. To view a report on user permissions, see User permissions reports.
User-based permissions
Each user's permissions are set individually when you choose a user type. These permissions are then checked against their admin privileges. The combination of the individually set permissions and admin permissions is a user’s effective permissions.
Role-based permissions
In role-based companies, permissions are assigned to roles, and then these roles are assigned to each user. A user can have more than one role, which means they can have additional permissions in some areas. These permissions are then checked against the user’s admin privileges. This combination of permissions is a user’s effective permissions.
For users with multiple roles, the role with the ability to perform the task will take precedence.
A user's permissions are a superset of permissions from all of the roles that the user is assigned.
| Permission | Role A | Role B | User permission from A and B |
|---|---|---|---|
| View | ✔ | ✔ | ✔ |
| Add | X | ✔ | ✔ |
| Edit | ✔ | X | ✔ |
| Delete | X | X | X |
For example, say a user is assigned to two roles – a Project Manager role (Role A) and an AP-related role (Role B). A Project Manager role allows the user to View and Edit documents. An AP-related role allows the user to View and Add. With these two roles combined, the user has the ability to Add, Edit, and View documents across the board.
To view and run a report on user permissions, see Running a report on a user's effective permissions.
