Overview
Profiles define what users can do within Fentu FSM. Each profile contains a set of permissions that control access to features, data, and actions. By assigning a profile to a user, you grant them all the permissions in that profile.Design profiles around job functions, not individuals. Create profiles like “Dispatcher” or “Technician” that can be assigned to anyone in that role.
When to Manage Profiles
Configure profiles when:- Setting Up System - Creating initial permission structure
- New Job Functions - Adding roles that need unique permissions
- Security Changes - Adjusting what users can access
- Feature Rollouts - Enabling access to new features
- Compliance - Meeting security requirements
Profile Information
Each profile includes:| Field | Description |
|---|---|
| Profile Name | Descriptive name for the role |
| Description | Explanation of intended use |
| Permissions | Specific access grants |
| Users Assigned | Count of users with this profile |
| Status | Active or inactive |
Permission Types
| Type | Controls |
|---|---|
| Module Access | Which menu items/features are visible |
| Create | Ability to create new records |
| Read | Ability to view records |
| Update | Ability to modify records |
| Delete | Ability to remove records |
| Special Actions | Specific functions like approve, export |
Default Profiles
Common profiles included by default:Administrator
Full system access including:- All modules and features
- User management
- System configuration
- All data access
Dispatcher
Service coordination access:- Work orders (full access)
- Customers (view and edit)
- Technicians (view)
- Scheduling tools
- Material requests
Technician
Field work access:- Assigned work orders
- Mobile app access
- Time tracking
- Material usage
- Own schedule
Manager
Supervisory access:- Team work orders
- Reports and dashboards
- Approval functions
- Team member data
Read Only
View-only access:- View work orders
- View customers
- View reports
- No edit capabilities
Creating Profiles
Copying Existing Profiles
To create a similar profile:- Open existing profile
- Click Copy/Duplicate
- Modify name and permissions
- Save as new profile
Permission Configuration
Module Permissions
For each module, configure:| Permission | Grants |
|---|---|
| Access | Can see the module in navigation |
| List | Can view list of records |
| View | Can view record details |
| Create | Can create new records |
| Edit | Can modify existing records |
| Delete | Can remove records |
Data Scope Permissions
Limit data access:| Scope | Sees |
|---|---|
| All | All records in system |
| Branch | Records from assigned branch |
| Team | Records for assigned team |
| Own | Only own records |
Special Permissions
Feature-specific permissions:| Permission | Grants |
|---|---|
| Approve | Can approve requests/documents |
| Export | Can export data |
| Import | Can import data |
| Assign | Can assign work to others |
| Bulk Actions | Can perform bulk operations |
Profile Management
Auditing Profiles
Regularly review:- Which users have each profile
- Whether profile permissions are still appropriate
- If profiles are actually being used
- Compliance with security policies
Modifying Profiles
When changing profile permissions:- Review current users with this profile
- Assess impact of changes
- Communicate changes to affected users
- Make changes
- Verify everything works as expected
Deactivating Profiles
Before deactivating:- Check how many users are assigned
- Reassign users to different profiles
- Then deactivate
Deactivated profiles cannot be assigned to users but historical records remain. This is preferred over deletion for audit purposes.
Best Practices
Role-Based Design
Role-Based Design
Create profiles for job functions, not individuals. “Dispatcher” profile, not “John’s profile.”
Minimum Necessary
Minimum Necessary
Grant only permissions needed for the role. Avoid “everything” permissions unless truly needed.
Clear Naming
Clear Naming
Name profiles clearly. Anyone should understand what the profile is for from the name.
Document Profiles
Document Profiles
Maintain documentation of what each profile is intended for and why it has specific permissions.
Regular Review
Regular Review
Review profiles periodically. Remove unnecessary permissions, add needed ones.
Test Changes
Test Changes
Test profile changes with a test account before rolling out to production users.
Common Questions
Can a user have multiple profiles?
Can a user have multiple profiles?
Typically no. Each user has one profile. If someone needs combined permissions, create a new profile with the combination.
How do I give temporary elevated access?
How do I give temporary elevated access?
Temporarily assign a different profile, then switch back. Or create a specific profile for temporary situations.
What if I need slightly different permissions for one person?
What if I need slightly different permissions for one person?
Either create a new profile or see if data scope adjustments can achieve the goal without a new profile.
Can profiles be nested?
Can profiles be nested?
Not typically. Each profile is independent. Use profile copying to maintain similar sets.
What's the difference between no access and view-only?
What's the difference between no access and view-only?
No access: user can’t see the module at all. View-only: user can see and browse but not create/edit/delete.
How do branch restrictions interact with profile permissions?
How do branch restrictions interact with profile permissions?
Profile permissions determine what you can do. Branch restrictions determine which data you can see. Both apply.
Related Documentation
User Management
Creating and managing users
System Settings
Global security settings
Branches
Branch data scope
Teams
Team data scope