Understanding User Roles & Permissions
How roles, permission inheritance, and custom roles work in PEMS.
Understanding User Roles & Permissions
PEMS uses role-based access so each person sees only what they need.
System roles
- Owner — full control; pays the bill; cannot be deleted.
- Admin — everything except managing roles and ownership transfer.
- Sales Manager — areas, MRs, orders, and reports. No HR access.
- Medical Rep — field visits, plans, and orders on mobile.
- HR Manager — employees, attendance, and salary. No sales access.
- Accountant / Finance — ledgers, P&L, and payments (read-only on orders).
Custom roles
Create tailored roles in Settings > Users > Roles — for example "Regional Sales Manager – Punjab" with a specific area scope.
Key rules
- Permissions are checked on every action, not just the menu.
- You cannot grant a permission you do not hold yourself.
- The Owner account is protected — it can never be deactivated or down-scoped.
Review roles whenever someone changes job function to keep access tight.
Was this helpful?