Skip to main content

Restrict access to parts of the system using roles

Use System Setup > Roles & Role Membership to control which users can see, edit, create, and delete.

Updated this week

Roles are assigned to users. They let you specify which areas of your users can see, and whether or not they can create, edit, and delete records in those areas. All users must have at least one role.

Add a role

To add a role, go to System Setup > Roles & Role Membership, then click the green Add Role button. For further adjustments, navigate to System Setup > Preferences and locate the Opportunity Settings section to modify specific access permissions tailored to team needs.

You can set up show, create, edit, and delete permissions for:

Use the matrix of tick boxes to control what a user with this role assigned to them can see (show), create, edit, or delete. 

Remember that some permissions here might conflict with others. For example, if a user may edit opportunities, they’ll also have access to products because products are added to opportunities. 

Can you see order values?

If you don’t want users with this role to see order values, toggle this to NO. This hides financial figures throughout Current RMS, including the sales pipeline on the Dashboard and charge totals on opportunities & invoices.

Keep in mind that prices of products in Resources > Products and opportunity documents might still be visible, depending on how you have set up your roles.

Can access everyone’s opportunities?

Toggle to NO to prevent users with this role from accessing opportunities where they’re not the owner or a participant.

Opportunity functions

Choose which functions on the opportunity detail view that users with this role may access. This is handy if you’d like to prevent your warehouse team from editing opportunities.

Assigned users

Tick boxes here to apply this role to your users. You don’t have to do this just yet, you can always edit a user account to apply a role to it.

Why might you create roles?

  • Don’t want any staff to be able to delete records? Make sure all of the delete boxes are unticked.

  • For a simple warehouse account, you could select only that a role can show and edit opportunities, products, and quarantines.

  • Create an account for an accountant or bookkeeper by allowing access only to Invoices & Credits.

Work with multiple roles

Roles can be combined, useful for letting you create roles around duties. For example, you might have a role called “Invoicing” and a role called “Sales”.

Your sales role might include permission to show, create, edit, and delete opportunities, projects, and records in People & Organisations. Your invoicing role might grant permission to show, create, edit, and delete invoices and credits. 

If you trust a sales colleague to invoice, you can give them both the role for “Sales” and “Invoicing.” 

Administrator access

Users who are marked as administrators have full access, regardless of the roles that you’ve applied to their account. An administrator account can:

  • Access System Setup
    System Setup allows you to make wide-ranging changes to your system and billing, so it’s restricted to administrator users only.

  • View Reports
    Reports contain real insight into your business that you might wish to keep confidential.

  • Change the organisation on an opportunity at the order stage
    Once an opportunity has been converted to an order, the opportunity is confirmed. At this point, paperwork such as the Rental Agreement might have been generated and printed, so changing the customer is something that's controlled and limited. Furthermore, changing the customer can impact your taxation settings.

  • Edit the opening balance on stock levels
    Changing the opening balance on a stock level is restricted to administrators to prevent stock levels from being adjusted without a transaction.

Roles on document layouts

You can apply roles to documents to control who can access them. Do this by editing the document layout in System Setup > Document Layouts.

This is important in cases where you’ve toggled the “Can see order values” slider to NO – even if your users can’t see order values, they might still be able to generate documents that have order values on them.

Roles on custom views

Set up roles against custom views to determine which users can see custom views that you create. 

This is especially handy for creating views for particular departments, e.g. views that show your warehouse staff what’s to prep, or views of uninvoiced opportunities for your accounts team.

Managing Access for Multiple Users

Consider setting up individual accounts for users rather than sharing a single account. This ensures each user has their own login credentials and enhances security, especially when using features like 2-Factor Authentication (2FA).

Did this answer your question?