Roles and permissions are crucial components to configure user access and visibility of various products, thereby streamlining the process of working within the system. You can access these parameters in Settings > Security > Roles & permissions.
User roles in the PeopleForce system
User roles in the PeopleForce system
There are 5 default roles that can be assigned to users:
Administrator role, by default, includes all the highest permissions in the system. They have access to everything and can manage all data. It is the most powerful role in the system, so please assign it carefully.
All employees role is designed for basic users as it determines what information an employee can see within the system and when viewing the profiles of other employees.
Managers role is automatically assigned to individuals who have at least one employee reporting to them, allowing them to view or edit information related to both their direct and indirect reports.
Team leads role is automatically given to users designated as team leads, determining their viewing and editing rights for the profiles of members within the team they lead.
Employees about themselves role is automatically assigned to all users in the system (and this cannot be changed) as it determines what they can view and edit in their own profiles. It allows permission to be set up for every employee field, including custom fields and all tabs in the employee profile.
All roles except administrators can be edited in order to provide the various users with corresponding accesses.
In addition, you can add your own (custom) roles with specific access rights and functionality that align with your company's unique needs.
Configuring the Employees about themselves role
Configuring the Employees about themselves role
By configuring Employees about themselves roles, you can set what fields and tabs employees can view and edit in their own profiles.
To configure the role, complete the following actions:
Go to Settings > Security > Roles & permissions.
Click Employees about themselves section.
In the Permissions section, you will find a list of all the fields and tabs that may appear in the employee profile. To configure the visibility of each field, you must go through the list and select 1 of the following options:
None: If this option is selected, the employee will not see the chosen field in their profile.
View: This option allows the field to be displayed to the employee for viewing purposes only.
Edit: By selecting this option, you allow employees to see and edit the field.
If you select None for all fields within one tab, that tab will not be visible to the user.
4. You should also select certain fields to enable their display in the user profile.
5. When all settings are done, save the role.
Configuring visibility of fields in the employee profile for All employees, Managers, and Team leads roles
Configuring visibility of fields in the employee profile for All employees, Managers, and Team leads roles
By configuring the All Employees role, you can determine which fields employees can view and edit in other employees profiles. For Managers, you can specify what fields they can view and edit in the profiles of their direct and indirect reports. For Team Leads, you can establish which fields they can view and edit in the profiles of their team members.
To configure the role, complete the following actions:
Go to Settings > Security > Roles & permissions.
Click a role you want to edit.
In the Permissions section, you will find a list of all the fields (default and custom) and tabs that may appear in the employee profile. To configure the visibility of each field, you must go through the list and select 1 of the following options:
None: If this option is selected, the employee will not see the chosen field in their profile.
View: This option allows the field to be displayed to the employee for viewing purposes only.
Edit: By selecting this option, you allow employees to see and edit the field.
If you select None for all fields within one tab, that tab will not be visible to the user.
4. You should also select certain fields to enable their display for the user.
With these fields, you can configure the section shown on the screen.
5. When all settings are done, save the role.
Another essential aspect of role configuration is allowing actions within the system and granting access to various platform functionalities, as described in the next section.
Configuring permitted actions within the system for All employees, Managers, and Team leads roles
Configuring permitted actions within the system for All employees, Managers, and Team leads roles
The other step of role configuration is granting permission to perform various actions at the company level. The permissions list is determined by the PeopleForce products you have purchased.
To configure what a user with the corresponding role can do within the system, complete the following steps:
Go to Settings > Security > Roles & permissions.
Select a role you want to edit.
In the Company section, you will find a list of all permissions you can provide to a user. Depending on the purpose of the role, select the actions and accesses you wish this role to possess.
Permissions are grouped by PeopleForce products. For a detailed description of each permission, follow the corresponding link:
General
Core HR
Perform
Time
Pulse
Desk
Reports
Settings
4. Save the role when all settings are done.
Custom role creation
Custom role creation
You can create various custom roles with specific access rights and functionality that align with your company's unique needs. For example, you require a role for HR and do not wish to grant them full access to the system as the Administrator, while the All employees role is too restricted for HR functionality.
To add a role, complete the following steps:
Go to Settings > Security > Roles & permissions.
Click +New role.
Provide role name and description if required.
Assign the role to employees.
In the Permissions section, select None or View for the fields you wish this user to see within the other employee profile. If you permit the user to edit the input of corresponding fields, select the Edit option next to them.
Then, you can specify employee profiles to which the permissions configured in step 5 must apply. For example, you want to limit the role so they can view and edit fields of employees from the concrete department. You can also include terminated employees in this list.
In the Company section, select the actions and accesses you wish this role to possess within the whole platform.
Company permissions are grouped by PeopleForce products as they are determined by the products you have purchased. For a detailed description of each permission, follow the corresponding link:
General
Core HR
Perform
Time
Pulse
Desk
Reports
Settings
4. Save the role when all settings are done.
Permissions conflict
Permissions conflict
You can create as many roles as needed and assign them to users. However, it is essential to explain that even if a user has several roles with identical permissions, the system automatically chooses only one permission of the same kind. The higher permission will take effect, while the lower permissions will be ignored.
For instance, a user has Manager and Recruiter roles. The Manager role grants access to edit compensation while the Recruiter role does not, the Manager role will have a stronger influence, allowing the user to edit compensation.