Help Document
About Manager Hierarchy for Internal Security

    A Manager Hierarchy allows Administrators to further organize internal Security Roles. By assigning a Manager to an internal user, the internal user will have a certain set of permissions to access and edit various records, as well as those of their hierarchical superiors or subordinates, if any.

    Users with a Manager can be given one of the six permissions in the Read, Edit, and Delete access levels: Private, User and Direct Subordinates, User and All Subordinates, Team and Direct Subordinates, Team and All Subordinates, and All.

    Below is a representation of a Manager Hierarchy applied in a typical company. The grey box signifies a User account or role that has been configured to one of the six permission levels. Each colored box indicates other account or role records that the User may have access to, depending on the permission type.

     Manager Hierarchy

     

    The following use cases depict situations in which specific permissions established in a Manager Hierarchy can determine access to records:

    1. Private: A User can only access personally created or owned records
      (A user can only access his or her own records)
    2. User & Direct Subordinates: A User can access personally created or owned records and those of Users one hierarchical level below
      (If Adam is a Manager of Brian, then Adam can access his own records and the records of Brian)
    3. User & All Subordinates: A User can access personally created or owned records and those of all Users under his or her hierarchical level
      (If Adam is a Manager of Brian and Brian is a Manager of Jane, then Adam can access his own records, as well as the records of Brian and Jane)
    4. Team: A User can access personally created or owned records, as well as the records of his or her Manager, and those on an equal hierarchical level
      (If Adam is a Manager of Brian, then Brian can access Adam’s records, as well as the records of anyone else that Adam is a Manager of)
    5. Team & Direct Subordinates: A User can access personally created or owned records, as well as the records of his or her Manager, equal-level Users, and Users of one hierarchical level below
      (If Adam is a Manager of Brian and Brian is a Manager of Jane, then Brian can access the records of Adam, anyone else that Adam is a Manager of, and Jane)
    6. Team & All Subordinates: A User can access personally created or owned records, as well as the records of his or her Manager, equal-level Users, and all Users under his or her hierarchical level
      (If Adam is a Manager of Brian, Brian is a Manager of Jane, and Jane is a Manager of Scott, then Brian can access the records of Adam, Jane, and Scott)
    7. All: Access personally created or owned records and all records in the organization, regardless of the Manager Hierarchy
      (A user can access everyone’s records)

    An important note: This functionality can only be applied to Magentrix-native entities, it is not usable for external objects such as Salesforce objects.


    << Understanding Security for External Users | Creating and Configuring Managers >>