Roles and Permissions for Multiple Locations and Tiered Organizational Structure

  • 0
  • 1
  • Question
  • Updated 1 year ago
  • Answered
We have a Corporate Headquarters and Multiple Stores. Our headquarters will need access to all stores. At each Store, there will need to be at least two different levels of access (possibly more). These levels of access will be the same across all of our stores; however, each store (regardless of what level of access that you have) should only have access to their respective store and its related records. What is the best way to organize this?

Thank You!
Photo of ltduran

ltduran

  • 590 Points 500 badge 2x thumb

Posted 1 year ago

  • 0
  • 1
Photo of Matthew Neil

Matthew Neil

  • 31,438 Points 20k badge 2x thumb
At least at the high level you will have 2 tables.

HQ & Stores.

One way to handle access at the store level is to have a field on the stores table called "Users with access".
This is a multi-select User field.  So as long as you don't have more than 20 'store users' per store.  Then you can use this field to indicate which users can view that store (and possibly all the child records).

You will then have your 3 roles; HQ User, Store Management, Store Employee.
Then you can apply the 'viewing' rights to the store users where they are listed in the 'users with access' field.

If you are going to have more than 20 users per store, there are a few other ways to do this, but much more tricky to set up.
Photo of ltduran

ltduran

  • 590 Points 500 badge 2x thumb
Thanks for your reply! This sounds like a great solution. Is there a way to do a multi select user field? I can't seem to find it. Thanks!
Photo of ltduran

ltduran

  • 590 Points 500 badge 2x thumb
Nevermind, I figured this out! This is a great solution, thanks!
Photo of ltduran

ltduran

  • 590 Points 500 badge 2x thumb
Is there a way to have this affect child records?
Photo of Matthew Neil

Matthew Neil

  • 31,438 Points 20k badge 2x thumb
Pass that "Users with Access" field as a lookup field to all the child records. 

Then adjust the roles/permissions to use that field for access. Viewing and/or modifying.
Photo of ltduran

ltduran

  • 590 Points 500 badge 2x thumb
Great, thank you!