This article is a guide to understanding roles and permissions in FastDraft.
This guide contains the following:
Note: Some features listed in the article require a Professional or Enterprise licence (speak to our Customer Success Team for a plan comparison).
User permissions overview
Let’s start by first understanding the structured roles and permissions in the platform. It breaks down into three tiers.
- Tier 1: User Type - User type is the top tier of permission and determines what areas of the platform a user can access. For the most part User Type assigns additional administrator privileges but some user types simply provide read access to all contracts (either for the whole site, a particular hub [i.e. region or department] or a particular supplier company). At any given point in time, each user can only be assigned a single user type.
- Tier 2: Party - Contractual responsibilities are determined based on party. The naming conventions can vary from contract to contract and are consequently configurable within the software. Each user can only be assigned to a single party per contract but the permissions assigned to a party can be adapted within the individual contract template where necessary (e.g. to allow a single user to act on behalf of both the Project Manager and Supervisor).
- Tier 3: Role - The terms of a contract normally dictate that certain named individuals are authorised to act on behalf of each party and may allow for those responsibilities to be delegated. Assigning a Manager role at Contract level typically allows a user to be able to send all communications (including replies) on behalf of the party they are assigned to. However, you may wish to grant permission to additional users to draft but not send (Support) or to only be able to view communications (Read Only). Should you require additional flexibility permissions of each role can be further tailored to your needs and there are additional roles (Cost Manager and Site Agent) that can be used to grant non-standard permissions.
Detailed breakdown of permissions
The following section provides a more detailed breakdown of the administrative privileges assigned based on User Type and the default contract permissions assigned based on Party and Role.
System permissions based on User Type
User Type is assigned when a Company User is created. User Types are used to control access to areas of the software and do not affect individual contract permissions.
User Types :-
- Site Administrator - Full control of all configurable aspects of the system, including contract templates and tags turning on/off embedded Power BI per user
- Site Support - Similar to Site Administrator but with no permission to delete attachments, and only 'read only' access to contract templates
- Company Administrator - Full control of all configurable aspects of the system (excluding system defaults), including company's master templates, contract templates, financial limits, tags, custom fields and turning on/off embedded Power BI per user but only for the users own company and adding/removing contract users but only contracts linked to a project linked to the same company as the user and only from companies with a previous association*
- Super Users - Similar to Site support but with no access to contract templates and no ability to deactivate/reactivate users
- Contract Administrator - A set of permissions tailored to administrators who need to create new contracts and add/remove users
- User Administrator - A set of permissions for users who will not be creating new contracts but only need permission to be able to add/remove users
- View All - Provides no administrative privileges but provides 'read only' access to all communicated notices on all contracts without necessarily needing to add the user to each individual contract
- View All Hub - Each contract can be assigned to a Hub, which can be an area or department depending on the needs of your organisation. Once you've defined Hubs you can grant 'View All Hub' type to any users who need 'read only' access to all contracts assigned to a particular Hub. Where enabled, a separate menu is available to allow you to assign company users to one or more Hub.
- View Own - Equivalent to 'View All' but only for Suppliers [Contractors]. Users assigned this type can see all contracts where their company is added as the Supplier without necessarily needing to add the user to each individual contract.
- General User - Has no administrative privileges and can only view contracts they are specifically assigned to.
- Note: Built Intelligence have 2 internal user types, System Owner and System Admin.
Site Administrator | Company Administrator | Site Support | Super User | Contract Administrator | User Administrator | View All | View Own | View All Hub | General User | ||
My Contracts Register | View all contracts | Yes | All contracts linked to a project linked to the same company as the user plus any where the user is a lead user in the Contract Overview | Yes | Yes | Yes | Yes | Yes | Only contracts where their company is added as the Supplier | Read Only access to all contracts assigned to a particular Hub | Only contracts they are specifically assigned to |
See Deleted Contracts | Yes | Yes | No | No | No | No | No | No | No | No | |
Companies | Create a Company | Yes | No | Yes | Yes | Yes | Yes | No | No | No | No |
Company Admin (Overview/Company Users/Hub Users) | Yes | Yes | Yes | Yes | Yes | Yes | No | No | No | No | |
Add Company Logo (if Company has not already had a logo) | Yes | Yes | Yes | No | No | No | No | No | No | No | |
Amend pre-existing Company Logo | No | No | No | No | No | No | No | No | No | No | |
Company Users - Financial Limits | Yes | Yes | Yes | Read Only | Read Only | ReadOnly | No | No | No | No | |
Companies - Company Update | Yes | Own company only | Yes | No | No | No | No | No | No | No | |
Deactivate/Reactivate Companies | Yes | Own company only | Yes | No | No | Yes | No | No | No | No | |
Users | Manage System Users | Yes | Yes | Yes | No | No | No | No | No | No | No |
Add Users to Multiple Contracts | Yes | Only users of companies they already have an association with* | Yes | No | No | No | No | No | No | No | |
Projects | Projects (Edit all except Status and Company) | Yes | Yes | Yes | Yes | Yes | No | No | No | No | No |
Update Project Status | Yes | Yes | No | No | No | No | No | No | No | No | |
Contracts | Create a Contract | Yes | Yes | Yes | Yes | Yes | No | No | No | No | No |
Contract Overview - Editing (all apart from Status) | Yes | Yes | Yes | Yes | Yes | No | No | No | No | No | |
Update Contract Status | Yes | Yes | No | No | No | No | No | No | No | No | |
Contracts - Contract Users | Yes | Yes | Yes | Yes | Yes | Yes | Read Only | Read Only | Read Only | Read Only | |
Contracts - Contract Template | Yes | Yes | Yes | Read Only | Read Only | No | No | No | No | No | |
Contracts - Contract Email Recipients | Yes | Yes | Yes | Yes | Yes | No | No | No | No | No | |
Contracts - Other Dates | Yes | Yes | Yes | Yes | Yes | No | No | No | No | No | |
Contract Party Switcher | Yes | Yes** | Yes | Yes | Yes | Yes | No | No | No | No | |
Admin - Contracts - Assets | Yes | No | Yes | Yes | Yes | No | No | No | No | No | |
Master Templates/Workflows | Yes | Read Only | Read Only | No | No | No | No | No | No | No | |
Delete Attachments | Yes | No | No | No | No | No | No | No | No | No | |
Reporting | Aggregate Reports | Yes | Yes | Yes | Yes | Yes | No | No | No | No | No |
Contract Users Report | Yes | Yes | Yes | Yes | Yes | Yes | No | No | No | No | |
System Users Report | Yes | Yes | Yes | Yes | Yes | Yes | No | No | No | No | |
Customisation | Tags | Yes | Yes | Yes | No | Yes | No | No | No | No | No |
Custom Fields | Yes | Yes | Yes | No | Yes | No | No | No | No | No |
* The company has been selected as Client/PM/Supplier/PM/Supervisor in the contract overview on at least one contract that is linked to a project that is linked to the same company as the Company Administrator.
** Coming soon.
User Types are pre-defined and all exactly the same on all instances of the platform. New User Types cannot be defined and the privileges assigned to existing User Types cannot be changed without a code change.
Users with user administrative privileges [i.e. all User Types apart from View All, View All Hub, View Own and General User] can change any individual's User Type but cannot assign a User Type with more privileges than their own.
We have implemented a new permissions matrix to make clear which user types can be created/updated by which user types:
- Applies to creating user and updating the user type of an existing user
- Adds a new constraint that a Super User can only create a General User (or update an exiting user’s type to General User)
- This does not prevent other aspects of an existing user’s account being updated (e.g. a Super User can update a Site Administrator’s phone number without being obliged to change their user type but if they change their user type they will only be able to change it to General User)
Warning: Users with user administrative privileges [i.e. all User Types apart from View All, View All Hub, View Own and General User] can view all contracts and can manage their own contract level permissions.
Contract permissions based on Party and Role
Below defines the default set of permissions assigned to each Party and Role. However, these permissions can be tailored to specific requirements within each contract template.
Party
Each user is assigned to a Party via the Contract Users page. This determines which Party the user is acting on behalf of.
The number of different parties can vary from contract to contract but FastDraft caters for up to four different parties on a single contract and in generic terms these parties are initially defined as
- Client
- Project Manager
- Supervisor
- Supplier/Contractor
Party names are pre-configured in default contract templates to align to unamended versions of common contract templates e.g. NEC4 ECC, FDIC Yellow Book 2017, JCT Design and Build Contract 2016, etc.
Each user can only be assigned to a single Party per contract but the permissions assigned to a Party can be adapted within the individual contract template where necessary (e.g. to allow a single user to act on behalf of both the Project Manager and Supervisor).
The Supervisor role is not always applicable and can be removed from a contract template using the Party Structure dropdown.
Role
Each user is assigned to a Role via the Contract Users page. The user's Role reflects the user's authority to act on behalf of the Party they are assigned to under the contract.
The default permissions assigned to each Role are as follows:
- Manager - Read, Create, Communicate
- Support - Read, Create
- Read Only - Read
However, these permissions can be amended via the contract template and a custom set of privileges can be assigned to the following additional Roles where necessary:
- Cost Manager
- Site Agent
As a rule, only those individuals who have been specifically named within the contract or formally been delegated responsibility to act on behalf of each party should be assigned the Role of Manager.
The Manager Role typically allows a user to communicate on behalf of the party they are assigned to but that doesn't necessarily mean the communications they send will be contractually valid. Care should be taken to ensure that individuals are only assigned Manager Role if and when they are formally authorised to send communications.
Warning: The permissions assigned to each Party and Role can be amended for each process within each contract template. Furthermore, the contract template editor allows the permissions of a Party and/or Role to be adjusted at any time, in which case the permissions of the users previously assigned to each Party/Role will be dynamically updated. We recommend that administrators have a good understanding of contract law and construction contracts and also a good understanding of the organisation constraints and policies to avoid allowing user to do things that their employer might not allow. Correcting errors made in contracts incorrectly configured is very complicated. We recommend policies are in place to help manage this risk.
Comments
0 comments
Please sign in to leave a comment.