Skip to content
English
More support Customer portal
Home
  • There are no suggestions because the search field is empty.

Understanding User Roles

Essal Office uses a role-based access model. Each user is assigned a role that determines their level of access across the entire system. On top of this, document-level permissions can further restrict or extend what individual users can do with specific documents.

Role Overview

  • Role: **Superuser**
  • Access level: Complete, unrestricted access. Can do anything in the system.


  • Role: **Staff (Admin panel access)**
  • Access level: Can access the administration panel. Not automatically a superuser.


  • Role: **Regular user**
  • Access level: Standard access. Can upload and manage their own documents. Subject to global and object-level permissions.

Superuser

A superuser bypasses all permission checks. They can see, edit, and delete every document regardless of ownership or explicit permissions. Superusers can also manage users, groups, workflows, tags, correspondents, and all system settings.

Best practice: Limit superuser access to 1–2 system administrators. Most admin tasks do not require superuser status.

Staff (Admin Panel Access)

Enabling "Is staff" gives a user access to the administration panel, but not necessarily superuser-level data access. Use this for IT staff or operations managers who manage settings but should not have unrestricted data access.

Regular Users

Regular users can: - Upload documents and manage their own documents - Search and filter the document list (subject to what they have permission to see) - Create and manage their own saved views and tags (if permitted) - Fill in metadata on documents they can edit

Regular users cannot: - See documents owned by others unless given explicit permission - Access the administration panel - Create or modify workflows, correspondents (in most configurations), or user accounts

Adjusting What Regular Users Can Do

The exact capabilities of regular users depend on global permission settings configured by the admin. For example, admins can:

  • Allow all users to create new tags or restrict this to admins
  • Allow all users to create new correspondents or restrict this
  • Set whether all users can see each other's documents by default

These settings are in Administration > Settings.

Role Assignment

Roles are set per user in the user edit page:

  • Check Is superuser to grant superuser status
  • Check Is staff to grant admin panel access
  • Leave both unchecked for a standard regular user

Roles are assigned one user at a time — there is no bulk role assignment. Permission diversity is instead achieved through groups (see Creating and Managing Groups).