User Role Management

How to manage different user roles?

User roles can be managed in Admin > Roles view.

On that view, it is possible to:

  • Add new user roles
  • Edit the permissions assigned to a specific role
  • Add coding limits for a user role.

 

 

Adding and Editing a Role

 

  1. Create a name for the role.
  2. Write a description for the role (optional).
  3. Select which permissions you want to assign to the role by tapping them active.
  4. When all necessary permissions are selected, click Add new role.
  5. Editing the role can be done by selecting it from the left and then tapping on or off any permissions needed.
  6. If you need to delete a role, select the role from the left side and click Delete role.

 

 

Permission Description

 

This table describes the permission functionalities for each permission. 

 

Guest

Permission given to roles. Does not grant user permission to make changes.

InvoicePreview

Grants the user the ability to see all invoices on the invoice handling page even if the invoice it tied to a workflow they are not part of.

UserImpersonation

Grants the user the ability to impersonate other users in Dooap.

UserRoleManagement

Grants the user the ability to add/update user rights.

DeleteInvoice

Grants the user the ability to delete invoices (by pressing the delete key on their keyboard)

ResetWorkflow

Grants the user the ability to reset workflows.

AXDataImport

Grants the user the ability to view imported data from AX2012/D365 environment (Admin > AX Import).

Admin

Grants the user access to the admin page.

TransferToPayment

Grants the user access to Transfer to payment section.

InvoiceImport

Grants the user the ability to manually import invoices into Dooap.

EditHeaderData

Grants the user the ability to edit invoice header data (i.e. company, vendor, invoice number, etc)

Archiving

Grants the user the ability to archive invoices.

ImportControl

Grants the user the ability to preview imported invoices (Admin > Import Control).

SearchAll

Grants the user access to the Search field and the ability to view all invoices tied to the companies the user has access to. 

RemoveWorkflowSteps

Grants the user the ability to remove workflow steps (i.e. reviewer).

ShowWorkflowExtras

Grants the user the ability to add a conditional approver to workflow (i.e. invoice will route to the conditional approver is over a certain dollar amount).

WorkflowChanges

Grants the user the ability to change the workflow on the fly (i.e. change a reviewer, approver, etc)

PaymentRequest

Grants the user the ability to edit all payment request header fields, including Method of Payment and Payment Terms even if they are automatically added based on defaults from AX2012/D365. 

PaymentRequestRestrictedHeader

Grants the user the ability to edit most of the payment request header fields except Method of payment and Payment Terms. These fields are locked and can not be changed. If default values are not set in AX2012/D365 and therefore nothing defaults, the user will not be able to submit the payment request as these are mandatory fields.

MIWorkflowSelection

Grants the user the ability to choose workflow via workflow predictions (this feature is available for piloting).

ChangePostingDate

Grants the user the ability to change the posting date without having other permissions to invoice header level.

CreateGlobalFilterPresets

 

UseSecurityClassInvoices

Grants users to mark invoices as classified. In addition, workflow user will now also need this permission to be able to view the invoice picture.

ViewAllSecurityClassInvoices

Grants view access to all the security class invoices’ pictures, even when the user is not part of the workflow
 
 

Example of basic user roles and permissions

 

Customers can still modify the permission selection for each role to fit their business needs.

 

Admin role

user role 2

 

Accounts payable role

example_roles_ap

 


Reviewer & Approver

example_roles_rev_app

 

 

Coding Limits

 

For each role it is possible to set coding limits. The limit defines which main accounts the user is able to use in coding.

This function also allows creating roles with cost-related limitations.
All user roles with limited coding will be indicated with a yellow colour.
 
For example: Approver Marketing, has main account selections limited for marketing.

Role building does not consider company code limitations. In large corporations with multiple company codes, the chart of accounts is often shared across all companies.



  • If Coding limits box is activated, but the limitation table is empty, the user will not see any main accounts in their drop-down when coding invoices.
  • If Coding limits box is activated, the values of unlimited main accounts are entered as below: 

     

     → When the user codes a ledger invoice, the user can only see the main accounts that are included in the allowed values

    → The user can still approve the lines where the main account is different from the user's allowed values.