Roles in Pramata define which contracts users can view and access within the system. As an Administrator, you can create custom roles based on document properties to ensure users only see contracts relevant to their responsibilities.
Managing Roles
Administrators can access the Roles section through User Management to create and manage roles. The Roles interface provides a comprehensive table where you can:
- View all existing roles
- Sort and filter columns
- Search for specific roles
- Export the roles list to Excel
- Add more columns to the table
- Create new roles
- Edit permissions for existing roles
Creating a Role
You can create roles that grant specific access to company users based on document-level attributes, ensuring they only see contracts for the accounts they should have access to.
For detailed information about how document visibility works based on your role permissions, see Access to Unauthorized Documents.
Steps to Create a Role:
- Click Add new Role.
- Complete the form with the following information:
- Role Name: A clear, descriptive name for the role
- Description: Details about the role's purpose
- Permission Type: Controls what documents users with this role can access
- Select one of the following Permission Types:
- Allow All: Grants access to all accounts and their contracts
- Deny All: Provides no access to any accounts or contracts
-
Custom: Sets access controls based on specific fields from the Standard Object Model:
- Account Name
- Account Type
- Additional options vary based on your instance's configuration (such as Geographic Region, Revenue Segment, or other custom segments defined in your Data Model)
- For Custom permission types, select:
- The Field you want to base security on
- The Operator (Equal or Not Equal)
- The Values for that field you want to control access to
- Click Create Role.
Note: You can add up to four fields to a Custom Role.
Custom Role Examples
Example 1: Access to Specific Accounts
To create a role with access only to contracts from specific accounts:
- Field = Account Name
- Operator = Equal
- Value = ACME INDUSTRIES, Atlas (fresh)
Example 2: Access to All Non-Vendor Accounts
To create a role with access to all contracts except those from vendor accounts:
- Field = Account Type
- Operator = Not Equal
- Value = Vendor
Important: Roles can be configured with multiple criteria to provide granular access control. For instance, you can create a role that combines conditions like "Business Segment = Enterprise AND Account Type NOT EQUAL to Vendor" to precisely define user access permissions.
Editing a Role
You may need to modify a role's information or permission criteria to adjust user access.
Steps to Edit a Role:
- In the roles table, hover over the role name you want to edit.
- Click View/Edit Role from the popup.
- The form will display the current role information.
- Update the role details as needed.
- Click Save Changes to apply your modifications.
Role Assignment and Activation
When a user is assigned to a newly created role or when a role is changed in the Voyager User Management module, the changes will only take effect after 10 mins
FAQ
Q: What happens when an Administrator changes my permissions?
A: You'll be logged out of the system immediately. When you log back in, you'll have access only to the features and data that align with your new role or permissions.