User Roles

For default 'Client' Role configuration, skip to this section.
 

In CivilPro, the access and authority of users are determined by their roles. Roles and Users can only be set up by Administrators.

To set up a role, the Administrator will have to specify the followings:

• An appropriate Role Name
• Access (User Levels)
• Authority 
• Purchase Order Approval Limit (if applicable)

In addition, the Administrator may need to consider other factors including, but not limited to: 

• the functions that the role needs to perform e.g. Administrator, User or Viewer
• if there are available paid seats
• if the user is an internal staff or from outside your organization
• if the user is required to add or edit
• what information needs to be safeguarded and restricted especially if the user is from outside your organization
• the appropriate permission levels relating to each item or register

Note: Please be aware that if a user is assigned more than one role to the same project, the higher level of Access and Authority will apply. Also, if one of the roles has these authorities ("Limit Ncr View To Published" and/or "Limit TestReq View To Completed") selected, the restrictions will override all the related Ncr and Test Request permissions in the other roles. For this reason, do not assign multiple roles to the same user in the same project unless you are sure that there are no conflicts in their Access and Authority. 

 

We can help, just ask - we appreciate that locking in correct permissions and visibility for Roles is very important. If setting up and managing Roles is something you'd prefer having some assistance with, book in some configution time with our CivilPro support team, and have peace-of-mind it's done right. 

 

Access 

Any role created will fall into one of the three User Levels available. The following table shows the three User Levels and what types of access are permitted.

User Levels	Notes	View Limited	View	Add	Edit	Admin/Delete
Administrator (Paid Seat)	At least one access to Admin/Delete	✓	✓	✓	✓	✓
Full User (Paid Seat)	At least one access to Add or Edit	✓	✓	✓	✓
Associate User (Free Seat)	View Only - no access to Add or Edit	✓	✓

What is the difference between “View Limited” and “View”?

View Limited provides view access only to items on the register that the user is associated with or linked to whereas View provides view access to all the items on the register.

Under View Limited access, the user can only view items in the register that are only:

• Allocated a link to them (e.g.  link to a Lot via Users under Related Items)
• Raised By them (e.g. NCR, Checklist)
• Addressed to or Copied (e.g. Approvals)
• Notice To/On Behalf of (e.g. Contract Notice)

Note: if View Limited and View access is given for a certain register, permissions 'stack' together, meaning that the Role will effectively have View permissions. Therefore, we advise assigning either View Limited or View.

Authority

Authority refers to specific actions that a user can perform with an item. For example, conform a Lot or verify a checklist.

When a user is granted access to "View" and "Edit" an item e.g. "Lot" , they still cannot "Conform" or "Guarantee" a lot until the authority for these actions are granted. Hence, for a user to view and edit a Lot, as well as Conform and Guarantee a Lot, the permissions are granted as follows:

 

 

In short, Authority is a list of specific actions that you want a sub-group of users with editing access to be able to do but not accessible to every user who can edit.

 

You can view Authority as an additional filter to control user permissions, in addition to granting View, Edit and Add access.       

 

Using the Collaborate actions under Authority

Under Authority, there are permissions that allow an associate user to collaborate in approvals, test requests, surveys and contract notice that are assigned to them. These are :

• Approval Collaborate NCR
• Approval Collaborate HPWP
• Approval Collaborate Independent 
• Survey Collaborate 
• Test Request Collaborate
• Contract Notice Collaborate

 

When granting these "Collaborate" permissions( under Authority), they can work with just  "View Limited" or "View" access ( under Access). Just bear in mind, that when "View" is granted, the user can view all the items in that register, including items that are not assigned to them.

 

For that reason, when you are sending an approval to an external contractor, it might be more appropriate to select " View Limited" with the corresponding "Approval Collaborate" action so that the person can view only the relevant approval request assigned to them.     

 

The benefit of using the "Collaborate" actions with "View Limited" access will save you from using your "Paid" seats and protect unnecessary exposure of information not relevant to third party collaborators.  

 

Using the "Limit ...to..." permissions under Authority 

Under Authority, there are two types of permissions which limit authority as follows : 

• Limit NCR View to Published
• Limit Test Request View to Completed  

Please note that these two permissions override all the other permissions, for example, if a user has been assigned a role in which they can "Approval Collaborate NCR" but also assigned as " Limit NCR View to Published", then they can view only published NCRs and collaborate only on those. 

These two permissions are usually used to limit what the users can view for NCRs and Test Requests.

Project Administration 

In some situations, you may want to delegate some of the project administration responsibilities to the Project Manager managing a specific project, such as being able to invite new users to the project. You can do this by only permitting "Edit" access under Project Administration (Roles - Access tab) to a specific project that you (the Administrator) have created. Please note that this permission is limited to only the project in which the user and role are linked to and does not apply to all projects. 

Note: Please be aware that when you assign a role (e.g. a Project Manager) the "Add" and/or "Edit" access under Project Administration, users with this role can edit or update Project Settings and Details. The Project Administrator will NOT be able to create new projects.

You have to be either a Subscription Administrator or a 'Global' Project Administrator to be able to create new projects - see below.

 

 

Global Roles

If users need to access all the projects in a database with consistent permission levels, the Administrator can link their role under 'Global Roles' instead of a specific project.