The access to various documents can be managed using Role Based Permissions.

StrideERP has a system that controls access to different functions based on the role of the user. The roles can be assigned to users, and permissions can be set on the roles using the Role Permissions Manager. This manager allows you to specify which roles can access which documents and what actions (such as read, write, submit) they can perform on those documents.

After assigning roles to a user, access can be restricted to certain documents. The permission system lets you create rules that determine different levels of access for specific fields, known as the Permission Level.

1. Pre-requisite

• Role

2. How to use the Role Permissions Manage

To use Role Permissions Manager, go to:

Admin > User > Role Permissions Manager

Permissions are applied on a combination of:

• Roles: Users in StrideERP are assigned roles that determine their level of access and permissions in the system. For instance, a sales user might be given the roles of both an Employee and a Sales User. Roles can include positions such as Accounts Manager, Employee, HR User, and more.
• Document Types: In StrideERP, every type of document such as sales invoice, leave application, stock entry, etc., has its own set of role-based permissions.
• Permission Levels: Each document in StrideERP has fields grouped into levels which are identified by a unique number between 0 to 9. Different permission rules can be applied to each field group. The permission level of a field is its connection to the permission rule with the same level number.
• Document Stages: The permission system in StrideERP works at different stages of a document's life cycle such as creation, saving, submission, cancellation, and amendment. Depending on their roles, users can be granted permissions for printing, emailing, importing or exporting data, accessing reports, and defining user permissions.
• User Permissions: In StrideERP, User Permissions can limit a user's access to specific Documents for a particular Document Type. For instance, a user can be restricted to only one Territory from all Territories. If other Document Types are connected to the current Document Type through Link Fields, User Permissions for those Document Types will also apply. For example, a Customer is a link field in a Sales Order or Quotation. User Permissions can be set in the Role Permissions Manager by clicking the 'Set User Permissions' button. To know more information go to User Permissions page
• Add a New Rule: To add a new rule in the Role Permissions Manager, click on the "Add a New Rule" button. A pop-up box will appear asking you to select a Role and a Permission Level. After selecting these and clicking on "Add", a new row will be added to your rules table.

3. How Role Based Permissions Work

Leave Application is a good example that encompasses all areas of a Permission System.

• It should be created by an Employee. For this, Employee Role should be given Read, Write, Create permissions.



• To ensure that an employee can only access their own leave application, a User Permissions record should be created for each combination of user and employee.



• To allow an Employee to choose a document within another document, without granting them full read access to that document, you can give them only the Select permission in their assigned role.



• The HR Manager needs to have access to all leave applications. To achieve this, a permission rule needs to be created for the HR Manager at level 0, with read permissions. Additionally, the apply user permissions should be disabled.



• The Leave Approver should have access to view and edit the Leave Applications of the employees under them. To do this, they are given read and write access at Level 0 and the relevant employee documents are listed in their User Permissions. If the Leave Approver is mentioned in the Employee Documents, then User Permission records are created automatically to reduce the effort



• The "Status" field of a Leave Application can only be approved or rejected by the HR User or Leave Approver. The "Status" field is at Level 1. HR User and Leave Approver are given Read and Write permissions for Level 0, while all other users are given only Read permission for Level 1.



• HR User can assign the responsibility of Leave Applications to his/her subordinates by delegating the task. HR User has the ability to set User Permissions, which allows the HR User to define the access rights for other users in relation to the Leave Application.