Creating and configuring a role

 

Roles are user rights settings that you can attribute to multiple users

It allows you to save time and gain safety in managing your different users' access rights.

This article explains the important steps in creating and configuring a role that you will attribute to one or multiple users. 

Creating a role

From an existing role

Administration > Managers/Roles > Roles tab

When clicking on the (+) button, you have the possibility to create a role manually but this would imply you entirely revisit your thinking on what perimeters are allowed and what restrictions to give your managers.

That's why we advise you to create your roles directly from an existing role in order to save time and to keep the same perspective you have on giving access to main modules. 

Capture_1_.png

When you select to "Create a role from a template", you can then choose amongst your existing roles.

You will only have to name it and check the access to different modules in order to adapt this new role as you wish. This will allow you to, for example, create a restricted role and later a more extended role for senior profiles (i.e. junior sales manager / senior sales manager).

If your list is empty, this would mean you have not created roles yet. But no worries! Our roles library is available to inspire you.

 Good to know

Your BoondManager interface offers a few default roles: the Super User manager role as well as 3 Intranet roles (Intranet account - Employee; Intranet account - Freelancer; Intranet account - Subcontractor).

  • The Employee Intranet grants, by default, access to the Timesheets, Expenses, and Absences modules.
  • The Subcontractor Intranet grants, by default, access to the Timesheets and Expenses modules.
  • The Freelancer Intranet grants, by default, access to the Timesheets, Expenses, and My Invoices modules.

Of course, you can modify the default settings if needed and choose the appropriate intranet when activating the intranet for your resources (see the dedicated article here).

Please note that you might find these roles labeled in French by default, feel free to choose the label that suits you best.

From the roles library

You can also create your roles based on the library provided to you.

For each role, you will have access to a description indicating the main functions and perimeters. You can, of course, choose to edit it later.

cAIN4TTtda.gif

Configuring a role

General information

Capture_d_e_cran_2022-11-15_a__15.36.12.png

Agencies

When configuring roles, you define for each module the accessible perimeters. In that way, when your interface has multiple legal agencies, you can create a global role then decide that secondary agencies are chosen on each manager card or decide to create specific roles for each agency, in which case you can select to replace secondary agencies with the ones in the configured role.

In each case, managers are always attached to a main agency.

This configuration will allow you to later select "Their agencies" (implying : their main agency and secondary agency/agencies) in their perimeter for accessing modules and therefore allow you to hide some data. 

Poles

The same principle is applicable for poles.  

Warning: There are no obligations to create poles. Poles simply allow you to separate your activity in another way, other than with agencies, by attaching cards.

In that way, two cards assigned to two different agencies can be attached to one same pole. It allows you to filter by pole in different modules as well as analyse performance by poles in the Reporting module.

 Our recommendation 

To have coherence in terms of roles, it is preferable to rather create a role that can adapt to the agencies and poles of a manager (except if you encounter a particular case). It is, indeed, preferable to manage agencies and poles through manager cards rather than role cards. 

 

General configuration of modules

You have the choice to activate or deactivate any module and to, then, click on the cogwheel icon to configure their access. 

Generally, for each module you have 3 sections you can configure: 

There are also particularities to each module.

Particularities by module

Candidates module

In the Candidates module, you can limit access according to the type of cards but also according to their states.  

Excluding cards by specific types 

GIF_Eclusion_type.gif

This feature allows you to, for example, hide data that you might deem confidential such as your staff's Candidate cards. 

In the example above, this manager will be able to see the list of Candidates and the information listed in this view (such as email and phone number), however, if clicking on a card, the manager will get to a page with access denied. 

Excluding cards by specific states 

Gif_Eclusion_etat_.gif

This allows you to, for example, hide data that you might deem confidential such as the Administrative tab that includes the estimated and proposed contract and salary of a future employee.

In the example above, this manager can see all candidates in their list as well as the entirety of their card information except for the Administrative tab and its content when the canditate is in the "Converted into Resource" state .

Restrictions can be combined with one another. 

Warning

This does not make the card invisible to the manager with such restrictions in their role. The card will be available in the search list of the module. 

Restrictions only apply if the user and their N-1 are not main manager of the cards in question.

Contracts

Access to the contractual data of candidates depends on the access rights and restrictions given in the Card section. In other words, the user can read and edit contracts of candidates whose Administrative tab has "Writing" access.

In the Miscellaneous section, you can also decide to give (or not) your managers access to creating "Proposed contracts".

Resources module

In the Resources module, you can limit access:

  • according to the type of the cards
  • according to the state of the cards
  • if the resource has a manager account
  • if the resource does not have any main manager (generally directors/CEOs)

As well as for candidates, these restrictions can either hide the entirety of information contained in a card or certain tabs only.

Warning

This does not make the card invisible to the manager with such restrictions in their role. The card will be available in the search list of the module.

Restrictions only apply if the user and their N-1 are not main manager of the cards in question.

CRM module

The CRM module is separated in two sections: companies and contacts.

Authorizations 

The perimeter for authorizations in the CRM module has high precision. In that way, you get to define in detail the access rights of your managers according to: 

  • their main agency and secondary agency/agencies
  • their poles
  • their business units
  • their perimeter and as a main manager, the perimeter of their N-1 
  • their perimeter and as an influencer, the perimeter of their N-1 

As an example, in the following configuration: 

Capture_d_e_cran_2022-11-23_a__09.57.54.png

The user will be able to: 

  1. have reading access to all "Companies" cards of the group.   
  2. have reading and writing access to all cards that are in their perimeter as a main manager or influencer as well as all cards their N-1 are in charge of as a main manager or influencer. 
  3. have reading and writing access to all cards that have as a manager/influencer a manager from their business unit.
    i.e. Michael and Peter are part of the business unit Digital, therefore, with these rights, Michael will be able to read and edit cards that Peter is a main manager/influencer of. 

It is also possible to only limit access to manager N-1 if they are a main manager (the user and their N-1 as main manager) or if they are an influencer (the user and their N-1 as influencer). 

Did you know? 

Cards right can be added up, in that way, you can create a card with extended rights then define rights more precisely in other cards to indicate that your managers have access rights to certain data more than other data. 

 Tips : duplicating

It is possible to establish different access for companies and for contacts. 

Capture_-_Gif_CRM.gif

This will allow you to give exactly the same access rights on Company cards and on Contact cards, however, you can always edit after duplicating. 

As an example, in the following configuration: 

Capture_d_e_cran_2022-11-23_a__10.44.33.png

We have duplicated the configuration and deleted the card that gives access to all Contact cards of the group. In this way, the user: 

  • has reading access to all Company cards of the group, as well as reading and writing access to all cards in their perimeter, perimeter of their N-1 and perimeter of their business units
  • has reading and writing access only for Contact cards in their perimeter, perimeter of their N-1 and perimeter of their business unit 
Opportunities module

Viewing and searching rights for opportunities

If you want your user to be able to view all opportunities attached to certain cards (companies, contacts, etc.) without giving them access to viewing the entirety of opportunities in the module's search view, this section is for you.

Gif_-_Vue_Besoins_.gifFor example:

  • If nothing's checked : opportunities are visible in the relevant tabs within the limits of the authorized values indicated in the settings above
  • If some options are checked: all opportunities are shown in the relevant tabs whatever perimeter is indicated in the above settings
Even if they are shown in the list, opportunities are only accessible to click on if access rights are given in the Card section of the module's configuration.  
Capture_d_e_cran_2022-11-23_a__11.30.13__EN_.png
Use example: you wish to give your sales managers the possibility to filter certain perimeters in the Opportunity module but also wish to give them visibility on all opportunities related to a company or contact before they solicit them.

 Tips : 

The Opportunities module is separated in two sections: opportunities and positionings. If your criteria for access rights is the same for the two sections, you can use the duplication feature for searching filters and available views that are in the Search section of the configuration.

This allows you, for example, to give exactly the same access rights to searching in the Opportunities section and in the Positionings section. You can also edit the rights after duplication. 

Cards access

Access to Positionings depends on the rights given for the Opportunities module in the Card section of the configuration.

  • If given access to the "Positionings" group data, the user will be able to view/create positionings on Positionings
  • If you need the user to be able to edit positionings, they will need writing access to main data as well

Capture_d_e_cran_2022-11-23_a__15.07.31.png

For example, in this configuration, user has reading and writing access to opportunities in their perimeter and the perimeter of their N-1 and therefore, has access to the entirety of positionings of these perimeters and can also create positionings. 

 

Projects module

Viewing and searching rights for projects 

Projects are visible in a few places on BoondManager: the Projects module, from a Resource card (also giving access to deliveries), Projects tab in CRM cards (companies and contacts), Projects tab in Product cards. 

That is why in the "Search" section of the configuration, you get to decide to show or hide projects of a specific perimeter or all projects. 

Gif_-_vue_Projets_.gif That implies: viewing all project cards of the group from each module's search view or from the "Projects" tab of Resources cards for example.

For example:

  • If nothing's checked : projects are visible in the relevant tabs within the limits of the authorized values indicated in the settings above
  • If some options are checked: all projects are shown in the relevant tabs whatever perimeter is indicated in the above settings

 Tips : duplicating

The Projects module is separated in two sections: projects and deliveries. If your criteria for access rights is the same for the two sections, you can use the duplication feature for searching filters and available views that are in the Search section of the configuration.

This allows you, for example, to give exactly the same access rights to searching in the Projects section and in the Deliveries section. You can also edit the rights after duplication. 

Excluding cards by specific states

This allows you to "close" an archived project in order for it not to be edited again. 

Capture_d_e_cran_2022-11-28_a__22.21.57.png

In the example above, this manager will be able to view the list of projects in their perimeter and view their main data and consumption tabs, however, they will not be able to edit the cards or access the other restricted tabs when projects are in the "Archived" state. 

Restrictions can be combined with one another.

Warning

This does not make the card invisible to the manager with such restrictions in their role. The card will be available in the search list of the module.

Restrictions only apply if the user and their N-1 are not main manager of the cards in question.

 

Activities & Expenses module

Search rights

The Activities & Expenses module is divided into a few sections: 

  • Timesheets
  • Expenses
  • Absences requests
  • Approvals

In these different search views, you can choose what to view and filter inside each section. This allows you to, for example, decide a manager can filter all timesheets of their agency but only the expenses of their N-1. 

 Tips : duplication

If your criteria for access rights is the same for each section of the module, you can use the duplication feature for searching filters and available views that are in the Search section of the configuration.

This allows you, for example, to give exactly the same access rights to searching in all sections of the Activities & Expenses module. You can also edit rights after duplication. 

Cards access

The particularity of the Activities & Expenses module is that having access to its cards depends on the rights given in the Resources module. In the Resources module settings, you get to indicate reading and writing rights on timesheets, expenses and absences requests. In the Activities & Expenses module settings, you define the access perimeter for viewing the list of cards (timesheets, etc.). Therefore:

Depending on the configured rights in the Resources module, in the Card section of its settings:

  • The user has reading and writing access to timesheets of resources whose "Timesheets" group they have reading access to or if they is in their approval workflow
  • The user has reading and writing access to expenses of resources whose "Expenses" group they have reading access to or if they are in their approval workflow
  • The user has reading and writing access to absences requests of resources whose "Absences requests" group they have reading access to or if they are in their approval workflow

Absolute rights of approval

In the Miscellaneous settings of the module, you can choose to select the option: Always allow to validate, invalidate, reject activity & expenses.

Capture_d_e_cran_2022-11-28_a__23.03.58.png

If activated, this option allows the user to validate, reject or invalidate instead of another manager, even when they are not in the approval workflow. With this option, they can also validate, reject and invalidate their own activities & expenses documents. 

Billing module

Viewing and searching rights for invoices and orders  

Orders and invoices are visible in a few places on Boond: the Billing module, the Billing tab of CRM cards (companies and contacts). 

Configuring search rights allow you to filter and search on perimeters that are more or less extended.  The option "See all group cards" overrules perimeters in the mentioned views: Billing module (no filters applied) and CRM tabs (companies and contacts).

However, the invoice card will only be accessible to click on if the access rights allow it.  

 Tips : duplicating

The Billing module is separated in two sections: Invoices and Orders. If your criteria for access rights is the same for the two sections, you can use the duplication feature for searching filters and available views that are in the Search section of the configuration.

This allows you, for example, to give exactly the same access rights to searching for Invoice cards Orders cards. You can also edit the rights after duplication. 

Purchases module

Viewing and searching rights 

If you want your user to be able to view all purchases attached to certain cards (companies, contacts, etc.) without giving them access to viewing the entirety of opportunities in the module's search view, this section is for you.

XG6Iyw1e1l.gif

For example:

  • If nothing's checked: purchases are visible in the relevant tabs within the limits of the authorized values indicated in the settings above
  • If some options are checked: all purchases are shown in the relevant tabs, whatever perimeter is indicated in the above settings

 Tips: duplicating

The Purchases module is separated in two sections: purchases and payments. If your criteria for access rights is the same for the two sections, you can use the duplication feature for searching filters and available views that are in the Search section of the configuration.

This allows you, for example, to give exactly the same access rights to searching in the Purchases section and in the Payments section. You can also edit the rights after duplication. 

Other access rights

Reporting

In this tab, you can: 

Capture_d_e_cran_2022-11-21_a__22.11.51.png

  1. Enable the reportings your manager will have access to
  2. Configure the search rights of these reportings
Miscellaneous

In this tab, you have the possibility to configure for multiple options, a few rights.

Capture_d_e_cran_2022-11-24_a__20.38.18.png

Dashboard

You can: 

Capture_d_e_cran_2022-11-24_a__13.40.06.png

 

  1. Configure search rights
  2. Define which charts are available

Actions

On the Actions module, you can configure:

Flags

You have the possibility to configure:

Shared searches

In terms of shared searches, you have the possibility to allow your manager to:

mceclip0.png

  1. Modify saved searched they have access to
  2. Share with other managers the saved searches they have access to

Threads

Capture_d_e_cran_2022-11-24_a__21.10.32.png

You have the possibility to start a thread of discussion on all cards in modules. Therefore, you get to configure getting access to them.

 Warning

When enabling this option, you allow your collaborator to access the entirety of discussion threads for cards they have access to. 

Download center

Whenever a document is exported from Boond, it ends up in the Download center. 

You get to configure on which perimeter your collaborator can filter and therefore, access the Download center: 

  • all managers
  • managers of their agencies
  • managers of their poles
  • their managers N-1
  • themselves (if everything's unchecked)

Capture_d_e_cran_2022-11-24_a__21.30.31.png

Activity history

When enabling this option, you allow your collaborator to access the entirety of history logs, and to see different modifications done by your users on cards or doings such as shares, extractions, etc. 

If you enable this option, you can configure searching rights

Subscription

When enabling this option, you allow your manager to access information regarding your BoondManager subscription and also allow them to download the invoices available there. 

Administration

 Warning!

When enabling one of these sections, you give access to the Administration console for the options enabled.  

Capture_d_e_cran_2022-11-29_a__22.12.37.png

Managers

When enabling this option, depending on search rights, card access rights and miscellaneous cards, you allow to:

  • view the list of managers
  • create and configure a manager account or role
  • delete a manager account or role
  • enable/disable an account
  • log on a manager's account

Roles

When this option is enabled, you allow your manager to create roles and configure access rights to different modules.

Legal Agencies

When this option is enabled, the user will have access to the configuration of your legal agencies

 Warning

In this section, for each agency you configure:

  • the page footer of your documents
  • settings for timesheets, expenses and absences
  • contractual and non-contractual advantages
  • your bank details, your invoices' reference mask
  • etc.

Poles

When this option is enabled, you allow your manager to create poles

Business units

When this option is enabled, you allow your manager to create business units

Global settings & translations

When this option is enabled, you allow your manager to create and edit your reference tools

 Warning

Reference tools are shared with all your legal agencies. 

Actions templates

When this option is enabled, you allow your manager to create and edit all your actions templates

Tasks lists

When this option is enabled, you allow your manager to create and edit all your tasks lists

Shared searches

When enabling this option, you can allow your manager to assign shared searches to:

Capture_d_e_cran_2022-11-29_a__22.20.09.png

  • all managers
  • their managers N-1

Apps / Marketplace

When this option is enabled, you allow your manager to install apps and also to configure their access.

 Warning

Some apps can give access to sensitive data (salaries, margins, personal info, etc.). A Manager with access to installing apps can also define their visibility for your users. This is an access to enable with caution.

Import your data

When enabling this option, you allow your manager to import data on candidates, resources, CRM (companies & contacts), actions and opportunities.

Developer space

When enabling this option, your manager will be able to create apps, create a sandbox and view the API token.

Webhooks

When this option is enabled, you allow your manager to have access to the webhooks list and therefore to manage them.

Apps

You can choose which apps your manager will have access to but you can also configure rights for some of them.

YzTMpHAahp.gif

 Warning

Some apps can give access to sensitive data (salaries, margins, personal info, etc.). When giving access to apps, make sure (by clicking the cogwheel icon for settings) that you are not giving access to data you deem sensitive or confidential.

Authorizations & warnings

In this section, you can: 

  • Enable exclusive authentification from a trusted third party
  • Enable an email alert if your account is used from a device that you have not used yet
  • Manage a list of devices allowed to connect

Capture_d_e_cran_2022-11-30_a__09.45.51.png

 

We hope that this tutorial has been of any help and we invite you to let us know by voting in the dedicated section below.

If you still have any questions, feel free to get in touch with our Support team :

Reach out to our support team

Tel : (+33) 03 62 27 61 05

Boondmanager-Mascot-Desk-lg.png

Was this article helpful?
0 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.