LeaveHub User Roles
Introduction
The User Roles system in LeaveHub provides a structured approach to managing user permissions and access levels within your organization. This system ensures that employees have appropriate access to features based on their responsibilities while maintaining security and organizational hierarchy. LeaveHub implements a three-tier role system that allows administrators to assign specific permissions to users based on their job functions and responsibilities. This guide will help you understand each role type and how to manage user roles effectively.
Key capabilities include:
- Defining user access levels based on job responsibilities
- Managing approval workflows through role hierarchy
- Maintaining system security through permission control
- Supporting organizational structure within the system
- Ensuring compliance with data access policies
The Three Role Types in LeaveHub
1. Global Admin
The Global Admin role provides comprehensive system access and is reserved for users who need to manage the entire LeaveHub app and organizational settings.
Complete System Access:
✅ Create, modify, and deactivate user accounts
✅ Assign and change user roles across the organization
✅ Manage organizational hierarchy and reporting structures
✅ Configure user access permissions and restrictions
✅ Bulk import/export user data
✅ Approve, reject, cancel leave request for all the users.
System Configuration:
✅ Set up and modify leave policies organization-wide
✅ Configure holiday calendars and special dates
✅ Manage notification settings
✅ Set up integration with external systems (Microsoft, etc.)
Advanced Analytics and Reporting:
✅ Access all organizational reports and analytics
✅ Generate custom reports across all departments
✅ Export comprehensive organizational data
High-Level Responsibilities:
⚠️ **Critical System Functions:**
- Complete override capability for any leave decision
- Access to all employee data across the organization
- Ability to modify or delete any system data
- Authority to configure organization-wide policies
Important Security Considerations
Global Administrator access should be limited to essential personnel only. Regular audits of Global Administrator assignments are recommended to maintain system security.
2. Leave Approver
The Leave Approver role bridges the gap between regular employees and system administrators, providing supervisory capabilities for team and departmental management.
Enhanced Capabilities:
✅ Approve or reject leave requests for assigned team members
✅ View comprehensive leave history for direct reports
✅ Add comments and feedback when processing requests
✅ Manage team leave calendar and scheduling conflicts
✅ Receive priority notifications for pending approvals
Reporting and Analytics:
✅ Generate team leave reports and summaries
✅ View team leave trends and patterns
✅ Export team data for external analysis
✅ Monitor team leave balance utilization
Access Limitations:
❌ Cannot access global administrative functions
❌ Cannot modify system-wide policies or settings
❌ Cannot manage user roles or permissions
❌ Limited to assigned team members only
❌ Cannot override global policy restrictions
❌ Cannot access organization-wide financial reports
3. User (Regular User)
The User role is the foundational access level designed for regular employees who primarily need to manage their own leave requests and access their personal leave information.
Detailed Capabilities:
✅ Submit new leave requests
✅ View personal leave history
✅ Check current leave balances
✅ Edit pending leave requests (before approval)
✅ Cancel future leave requests (within policy guidelines)
✅ Upload supporting documents for leave requests
✅ Receive email notifications about leave status changes
✅ View company holiday calendar
✅ Update personal contact information
Access Limitations:
❌ Cannot approve or reject other employees' leave requests
❌ Cannot access administrative functions or system settings
❌ Cannot view detailed information about other employees' leave
❌ Cannot modify company policies or holiday calendars
❌ Cannot generate reports beyond personal leave summary
❌ Cannot manage other user accounts or roles
Role Permissions Matrix
| Function Category | User | Leave Approver | Global Administrator |
|---|---|---|---|
| Personal Leave Management | |||
| Submit Leave Requests | ✅ | ✅ | ✅ |
| Edit Own Pending Requests | ✅ | ✅ | ✅ |
| View Own Leave History | ✅ | ✅ | ✅ |
| Cancel Own Future Leave | ✅ | ✅ | ✅ |
| Team Leave Management | |||
| Approve Team Leave Requests | ❌ | ✅ | ✅ |
| View Team Leave History | ❌ | ✅ | ✅ |
| Override Team Leave Balances | ❌ | ✅* | ✅ |
| Generate Team Reports | ❌ | ✅ | ✅ |
| System Administration | |||
| Manage User Accounts | ❌ | ❌ | ✅ |
| Configure Leave Policies | ❌ | ❌ | ✅ |
| Set Up Holiday Calendars | ❌ | ❌ | ✅ |
| Access System Reports | ❌ | Limited | ✅ |
| Manage User Roles | ❌ | ❌ | ✅ |
| System Configuration | ❌ | ❌ | ✅ |
| Data and Reporting | |||
| Personal Leave Reports | ✅ | ✅ | ✅ |
| Team Leave Analytics | ❌ | ✅ | ✅ |
| Organization-wide Reports | ❌ | ❌ | ✅ |
Last Updated: September 2024 Version: 1.0 Document Type: End User Guide