agrē onlineHelp
Click here to see this page in full context
  1. Home >
  2. File >
  3. Security >
  4. Manage Roles

Manage Security Roles

Each agrē user that you create must be assigned to one at least one role, and can be assigned to more than one. When you customize your roles, you can choose to allow or deny various actions.

What you'll find:

Adding Roles

Copying Roles

Editing Roles

Deleting Roles

Adding Roles

The Add Role window consists of the following two tabs:

Role tab. Used to enter a role’s description and select the users you want assigned to a role (providing you have already added users).

Permissions tab. Used to specify the security settings for a role. The Permissions tab consists of seven tabs.

To add a role, there are two steps to follow; however, not all steps are required and they can be completed as needed. When you are finished adding the information needed, click Save.

Tips

You may find it beneficial to create a security role for messages only. You can allow or deny access to the messages you want your users to receive in the Message Centre.

You may also find it helpful to create a security role that denies all GL actions. Users assigned to this role can have access to agrē but not to the company’s GL.

What you'll find:

Step 1: Complete the Role Tab

Step 2: Complete the Permissions Tab

Step 1: Complete the Role Tab

To complete the Role tab

On the File menu, point to Security and then click Manage Roles.
The Manage Roles window opens.

Click Add.
The Add Role window opens.

Tip

If a role already exists that is almost just what you want, you can copy the role and edit it instead of starting from a blank one.

Click the Role tab.
The Role tab is selected by default.

In the Role Description box, enter a unique description for the role.
For example, Front Desk, Trainer, Receive Messages. This description appears anywhere that you select or view a role and in all related reports.

In the In Role? column, select the In Role? check boxes for the users that you want to assign to this role.
If you have not yet added your users, ignore this step. You can assign users to roles at a later time (on this tab or when you add your users).

Step 2: Complete the Permissions Tab

The Permissions tab consists of the following seven tabs: Accounts Receivable, Inventory, Accounts Payable, General Ledger, Blending, Reports, and Administration.

Use the Permissions tab to allow or deny (or leave blank) the various actions listed. The Item column displays the various items in agrē that you can set security permission for while the Action column displays the various actions you can perform for the items. For example, the item “AR Discount Groups” (on the Accounts Receivable tab) has two actions you can set security permissions for: Enable on menu and Manage.

Note

If you “allow” an action, then that action is allowed anywhere in agrē. For example, if viewing a specific report is allowed, then that report, and all its hyper links, can be viewed anywhere in agrē. Conversely, if you “deny” an action, then that action is denied anywhere in agrē.

The table below outlines the various actions that you can set security permissions for. Use it for reference as you set up your security permissions.

To complete the Permissions tab

Click the Permissions tab.

For each subtab (Accounts Receivable, etc.), in the Allow? column, select the Allow? check boxes for the actions that you want available for the users assigned to this role.
or
 In the Deny? column, select the Deny? check boxes for the actions that you don’t want available for the users assigned to this role.
or
 Leave the check boxes blank (null).

Click Save.

Tip

To quickly allow and deny all the items in the list, click Allow All and Deny All. To quickly clear all the items in the list, click Clear All.

Action Table

The Action table below outlines the various actions that you can set security permissions for. The actions are generic and apply to the item you are referring to (in the Item column).

Use the following table as a quick reference for some of the various actions that you can set security permissions for.

 

Action

Result

Add

If allowed, users can add the item to the database anywhere it’s available to add. For example, an invoice.

 

If denied, users cannot add the item anywhere in the database.

Add address

If allowed, users can add addresses for the item to the database anywhere it’s available to add. For example, a customer’s address.

 

If denied, users cannot add addresses for the item anywhere in the database.

Apply/Unapply Credits

If allowed, users can apply and unapply credits for the item anywhere it’s available in the database. For example, customer accounts or when editing invoices.

 

If denied, users cannot apply and unapply credits for the item anywhere in the database.

Change customer

If allowed, users can change the customer for the item anywhere it’s available in the database. For example, changing the customer on a work order.

 

If denied, users cannot change the customer for the item anywhere in the database.

Change date

If allowed, users can change the date for the item anywhere it’s available in the database. For example, changing the date on a loadout ticket.

 

If denied, users cannot change the date for the item anywhere in the database.

Customer Balances

If allowed, users can adjust customer balances for the item anywhere it’s available in the database. For example, setup mode.

 

If denied, users cannot adjust customer balances for the item anywhere in the database.

Delete

If allowed, users can delete the item from the database anywhere it’s available to delete. For example, an invoice.

 

If denied, users cannot delete the item anywhere in the database.

Edit

If allowed, users can edit the item in the database anywhere it’s available to edit. For example, an invoice.

 

If denied, users cannot edit the item anywhere in the database.

Edit Costs

If allowed, users can edit the cost of the item in the database anywhere it’s available to edit. For example, an inventory adjustment.

 

If denied, users cannot edit the cost of the item anywhere in the database.

Edit Credit Limit

If allowed, users can edit the credit limit for the item in the database anywhere it’s available to edit. For example, changing a customer’s credit limit.

 

If denied, users cannot edit the credit limit for the item anywhere in the database.

Edit GL Acct/Project

If allowed, users can edit the GL account and project for the item in the database anywhere it’s available to edit. For example, inventory adjustments.

 

If denied, users cannot edit the GL account and project for the item anywhere in the database.

Edit Interest Rate

If allowed, users can edit the interest rate for the item in the database anywhere it’s available to edit. For example, an invoice.

 

If denied, users cannot edit the interest rate for the item anywhere in the database.

Edit Permissions

If allowed, users can edit the security permissions for the item in the database anywhere it’s available to edit. For example, a security role.

 

If denied, users cannot edit the security permissions for the item anywhere in the database.

Edit prices

If allowed, users can edit the price of the item in the database anywhere it’s available to edit. For example, an invoice.

 

If denied, users cannot edit the price of the item anywhere in the database.

Enable on menu

If allowed, users can view the item on the agrē menus. For example, AP Payment Types.

If denied, the item is unavailable on the agrē menus.

GL Chart

If allowed, users can view the GL chart for the item in the database anywhere it’s available to view. For example, setup mode.

 

If denied, users cannot view the GL chart for the item anywhere in the database.

Inventory

If allowed, users can view inventory for the item in the database anywhere it’s available to view. For example, setup mode.

 

If denied, users cannot view inventory for the item anywhere in the database.

Manage

If allowed, users can view and change data for the item in the database anywhere it’s available to view and change. For example, a project.

 

If denied, users cannot view and change data for the item anywhere in the database.

Post

If allowed, users can post data for the item in the database anywhere it’s available to post. For example, a recurring journal entry.

 

If denied, users cannot post data for the item anywhere in the database.

Select price from list

If allowed, users can select a price for the item in the database anywhere it’s available to select. For example, a work order.

 

If denied, users cannot select a price for the item anywhere in the database.

Show advanced

If allowed, users can view and manage advanced options for the item in the database anywhere it’s available to view and manage. For example, a customer account.

 

If denied, users cannot view and manage advanced options for the item anywhere in the database.

Supplier Balances

If allowed, users can adjust supplier balances for the item anywhere it’s available in the database. For example, setup mode.

 

If denied, users cannot adjust supplier balances for the item anywhere in the database.

View

If allowed, users can view the item in the database anywhere it’s available to view. For example, a report.

If denied, users cannot view item anywhere in the database.

View costs

If allowed, users can view costs for the item in the database anywhere it’s available to view. For example, a cost details window.

If denied, users cannot view costs for the item anywhere in the database.

View PIN

If allowed, users can view the PIN for the item in the database anywhere it’s available to view. For example, the Fuel Card Master List report.

If denied, users cannot view the PIN for the item anywhere in the database.

Copying Roles

Instead of creating a new role from scratch, you can copy an existing one and tweak it (if you have permission to Add a new role, you also have permission to Copy one).

To copy a role

On the File menu, point to Security and then click Manage Roles.
The Manage Roles window opens.

From the Role list, select the role to copy and then click Copy.
The Copy Role window opens.

Follow the steps above for Adding Roles, starting with making the Role Description unique.

Editing Roles

You can edit any of your existing roles at any time.

To edit a role

On the File menu, point to Security and then click Manage Roles.
The Manage Roles window opens.

In the Role list, select the role to edit and then click Edit.
The Edit Role window opens.

Edit the data on the two tabs (Role, Permissions) as needed.

Click Save.

Deleting Roles

Use the Manage Roles window to delete roles from the database. Once you delete a role, it cannot be undone. You cannot delete roles that are assigned to users.

To delete a role

On the File menu, point to Security and then click Manage Roles.
The Manage Roles window opens.

In the Role list, select the role to delete and then click Delete.

Note

If the Delete button is not available, the role you selected cannot be deleted.

Click Yes to confirm the deletion.
The role is deleted.