User Groups

User Groups are a powerful way to manage users with similar roles and permissions within the system. They allow administrators to organize users into logical groups, simplifying user management and permission assignment across the application.

User Groups act as containers for users who share similar responsibilities or access needs. Instead of managing permissions for each user individually, administrators can assign roles and permissions to a group, and all members of that group automatically inherit those privileges.

• Simplified User Management: Manage multiple users as a single unit
• Consistent Access Control: Ensure users with similar roles have identical permissions
• Reduced Administrative Overhead: Apply changes to multiple users at once
• Improved Organization: Logically group users based on departments, roles, or functions
• Enhanced Security: Provide more precise control over who can access what features

Administrators can create user groups by providing a name and optional metadata. Once created, users can be added to the group, and specific roles and permissions can be assigned to the group.

Users can be added to one or more groups. This flexibility allows for users who serve multiple roles in an organization to have the appropriate access for each of their responsibilities.

Each user group can be assigned specific roles and permissions. These determine what actions members of the group can perform within the system. Roles are collections of permissions that represent common job functions.

Administrators can:

• Add new users to a group
• Remove users from a group
• View all members of a group
• Update group information and metadata

Create user groups for different departments (Finance, HR, Purchasing, etc.) and assign appropriate access permissions to each group.

Define groups based on job roles (Approvers, Buyers, Managers, etc.) to ensure consistent permissions across similar positions.

Create temporary groups for project teams that need specific access for the duration of a project.

Configure approval chains by assigning user groups as approvers for purchase orders, quotes, or other documents.

To manage user groups, administrators need these permissions:

• user-group-list: View existing user groups
• user-group-create: Create new user groups
• user-group-update: Modify existing user groups
• user-group-delete: Remove user groups
• user-group-restore: Restore deleted user groups

• Only administrators with proper permissions can create and manage user groups
• User groups are client-specific, meaning each client in the system has their own set of user groups
• Only the client that owns a user group can view or modify it
• Users can only be added to groups within their own client organization

1. Use Descriptive Names: Give user groups clear, descriptive names that indicate their purpose
2. Regularly Review Membership: Periodically review group memberships to ensure they remain current
3. Minimize Group Overlap: Try to minimize the number of groups a single user belongs to
4. Document Group Purposes: Maintain documentation about what each group is for and what access it provides
5. Start with Minimal Permissions: Assign only the permissions necessary for the group's function

By effectively utilizing user groups, organizations can maintain better control over system access while simplifying the administrative workload of managing users and their permissions.