What are Roles?
Roles are how you manage user access to specific actions within FreeAgent CRM. From the ability to Import/Export data to specific actions like bulk delete records or edit activities.
There are 7 different roles built into FreeAgent CRM, but you have the option to create new ones, edit existing ones, and deactivate those that you don't need.
As an organization, you should decide what roles you require in FreeAgent before you start to assign Access Control Lists to these roles. We'll address ACLs later in this article.
Note: It's required that you have at least one Admin within FreeAgent. There are no requirements for other roles.
User Permissions: Only the Administrator can use this feature.
We will cover the following topics:
- Navigating to Roles
- What Are Roles?
- Editing an Existing Role
- Special Considerations
- Creating a New Role
Navigating to Roles
Go to Settings > Team > Roles. You can also use the search function to get there faster, just start typing 'Roles'.
What Are Roles?
Think of Roles as permissions for your users that apply to applications and actions within FreeAgent.
Assigning any of the existing roles or your custom ones to your users will limit their access to some of the actions of the system. There are 4 major actions: import data, export data, bulk delete, and edit activities.
As each team member is added to a specific role, the specific actions in the system won't be available for that team member. For example, if a team member was added to a role where 'Edit Activities' is set to 'No', then they will still be able to send emails, leave notes, etc. but they won't have the ability to edit them.
If they were to click a note to edit, they would see the note's detail, but the 'Save' button that would allow them to make changes would not be there.
Editing an Existing Role
This is a good place to start when you first begin adding users to FreeAgent. Instead of creating new roles you can rename and edit existing ones to suit your needs.
Hover your cursor over the options menu icon near the Role you would like to edit and click on "Edit".
There are three tabs you have access to when editing a Role. Let's go over all three.
You can change the existing name of the Role to something that better fits your organization.
A description of the Role
Select which Users will be assigned to this Role.
Select the Actions that will be available for this Role. You will still need to decide which Apps this Role will have access to in the next tab. The Actions are:
- Import Records
- Export Records
- Merge Records
- Duplicate Records
- Bulk Edit
- Bulk Delete
After choosing which Actions to grant to the Role you need to decide which applications to grant that access to.
First, check the box next to the applications you wish to give access to. Then select the actions you would like to grant access to for each individual app.
In the Activities tab, you grant User permissions for the activities apps in FreeAgent.
Access Control Lists
Both the "Apps" and "Activities" tabs have an Advanced button. If you select this button all of the other buttons will automatically be switched off. This is because the Advanced button is for activating Access Control Lists. These allow Admins to control what Users can and can't do with an application on a per-field or per-record basis.
When hovering your cursor over the "Advanced" button an edit icon will appear. Clicking on it will take you to Access Control Lists.
ACLs are what define the access within each individual application. You can assign ACLs to each role you’ve created. Except for Admin, they have access to everything.
With FreeAgent CRM Access Control List (ACLs) you have the option to limit the access your team members have in your Apps, based on their Roles, in two different levels:
- Field - Limits write or read access to a specific field.
- Record - Limits create, delete, update, or read access to the records.
You can use conditions to specify further when a role should have limited access to those operations.
Add Access Control List
Click on "Add Access Control List".
Select the App for which you want to create the ACL.
Field - The Access level will apply at the field level (selected field*).
Record - The Access Level restriction will apply at the record level.
Choose the specific field you would like to use for this ACL.
4. Field and Record operation
If Field is selected as the type: Operations can be CREATE, READ, UPDATE, DELETE
If Record is selected as the type: Operations can be CREATE, READ, UPDATE, DELETE
Select the roles that should be able to perform the operation.
Next, if needed, you can create Conditions. These are especially useful when you expect the ACL to work only when certain circumstances occur.
Note: conditions can only be created for Records.
These rules are inclusive, meaning that all the rules you specify need to occur for the ACL to work. Just click 'Add Conditions' to create your own set of rules.
The operators will vary according to the type of field selected. Here is the list of those available:
|Is, Is Not
The selected value is included (IS) or excluded (IS NOT) from the filter results.
|Exists, Does not Exist
(Exists) can be any value for the selected record. (Does not Exist) no value exists for the selected record.,
There are some things to keep in mind when creating ACLs.
- Only the selected roles will be able to perform the selected operation. If the role is not part of the list, they won't be able to perform it.
- Conditions shouldn't be added when the ACL Type is Record and the operation is 'Create'. Since the record doesn't exist yet, there is no information available to match the fields used in the conditions.
- Once you create an ACL of type Record for any operation, it is required that you create ACLs for the other operations. If you only add one for 'Create', the other operations are not going to be available for any team member.
Creating a New Role
Click on the "Add Role" button to get started.
Give your New Role a name and optionally add a description that explains the reason behind the role. All of the same steps for editing a role apply to a new one.