Skip to main content

Permissions & Roles

Goal: Define permission groups that control what each role of staff member can see and do, then assign the right group to every employee. Who does this: Admin / Owner Before you start: You need access to HR → Admin Settings. Review what actions each team role needs before creating groups — it is easier to create groups first and then add employees than to reassign permissions individually.

Steps

  1. Admin / Owner Plan your permission groups. Before opening the UI, list the distinct roles in your organisation (e.g., Sales Agent, Sales Manager, Compliance Officer, Finance Officer, Admin). Each role should map to one permission group. Think about which groups need sensitive permissions — for example, "delete lead" or "approve withdrawals" — and which should be read-only on those areas.

  2. Admin / Owner Create permission groups. Go to HR → Admin Settings → Permission Groups and click to create a new group.

    • Enter a Group Name that matches the role (e.g., Sales Agent, Finance Team).
    • Assign the permissions the group needs. Permissions are grouped by module (Leads, Customers, Trading, HR, Settings, etc.).
    • For sensitive permissions (e.g., deleting a lead, exporting customer data, approving large withdrawals), only enable these on groups that explicitly need them.
    • Save the group.

    Repeat for each distinct role in your organisation. See Employee Management.

  3. Admin / Owner Assign permission groups to employees. When adding a new employee (HR → Employees → Add Employee), select the appropriate Permission Group from the dropdown. For existing employees, open the employee profile, go to the Permissions tab, and update the assigned group. See Employee Management.

  4. Admin / Owner Grant individual permission overrides where needed. If one employee in a group needs an extra permission that the rest of the group should not have (e.g., a senior agent who can also export reports), open that employee's profile and add individual permissions on top of their group assignment. Use this sparingly — group-level management is easier to audit. See Employee Management.

  5. Admin / Owner Audit permissions via the activity log. Go to HR → Logs to see an audit trail of employee actions. If an employee is performing actions they should not have access to, review their permission group assignment and individual overrides. See Employee Management.

What happens next

Employees will only see the navigation sections and action buttons their permission group allows. For example, an agent without the "delete lead" permission will not see the delete action in the lead profile.

To verify: log in as a newly created employee (or use a test account with that permission group) and confirm the expected sections are visible and the restricted actions are hidden.