Set Up Role Permissions
Set Up Role Permissions
Section titled “Set Up Role Permissions”Permission profiles in HARi CRM give you fine-grained control over what each team member can see and do. You define profiles once, then assign them to users. When you update a profile, the changes apply to all users with that profile immediately.
Understanding Permission Levels
Section titled “Understanding Permission Levels”For each entity, a permission profile controls four actions:
- Create — Can the user create new records?
- Read — Can the user view records?
- Update — Can the user edit existing records?
- Delete — Can the user delete records?
Additionally, you control the record scope — which records the user can access:
- All — The user can see every record in the entity
- Own — The user can only see records assigned to them
- Team — The user can see records assigned to anyone in their team
Creating a Permission Profile
Section titled “Creating a Permission Profile”- Go to Settings > Permission Profiles
- Click New Profile
- Enter a descriptive name (e.g. “Sales Representative”, “Support Agent”, “Executive”)
- For each entity, configure the permissions:
Example: Sales Representative Profile
Section titled “Example: Sales Representative Profile”| Entity | Create | Read | Update | Delete | Scope |
|---|---|---|---|---|---|
| Contacts | Yes | Yes | Yes | No | Team |
| Companies | Yes | Yes | Yes | No | All |
| Opportunities | Yes | Yes | Yes | No | Own |
| Activities | Yes | Yes | Yes | Yes | Own |
| Invoices | No | Yes | No | No | Own |
| Tasks | Yes | Yes | Yes | Yes | Own |
- Click Save
Common Profile Templates
Section titled “Common Profile Templates”Manager
Section titled “Manager”- Same entity access as Sales Representative
- Record scope set to All for Opportunities and Activities
- Read access to all entities for reporting
Finance
Section titled “Finance”- Full access (CRUD) to Invoices
- Read-only access to Companies and Contacts
- No access to Opportunities or Leads
Marketing
Section titled “Marketing”- Full access to Contacts and Leads
- Read-only access to Companies
- No access to Invoices or Opportunities
View-Only
Section titled “View-Only”- Read access to all entities
- No create, update, or delete permissions
- Scope set to All
Assigning Profiles to Users
Section titled “Assigning Profiles to Users”- Go to Settings > Users
- Select a user
- In the Permission Profile field, select the profile
- Save
Testing Permissions
Section titled “Testing Permissions”After configuring a profile, verify it works as expected:
- Log in as a user with that profile (or ask them to test)
- Check that they can access the correct entities in the sidebar
- Verify that they can only perform the allowed actions
- Confirm the record scope works (they see only their own records, or all records, depending on the setting)
Updating a Profile
Section titled “Updating a Profile”When you modify a permission profile, changes take effect immediately for all users assigned to that profile. No need to re-assign users.
Next Steps
Section titled “Next Steps”- Add a User to assign the profile to new team members
- Inviting Your Team for the full team setup guide
- Create a Custom Entity — remember to add new entities to your permission profiles