Skip to main content
Mitratech Success Center

Client Support Center

Need help? Click a product group below to select your application and get access to knowledge articles, webinars, training content, and release notes or to contact our support team.

Authorized users - log in to create a ticket, view tickets status and check your success plan details.

 

Role Ranks

  1. Last updated
  2. Save as PDF

Role Ranks

Role The Role Rank is a system designed to assign specific permissions to users based on their role within an organization. It serves as a way to establish a hierarchy of access levels, allowing organizations to control which roles have access to particular features or data. The Role Rank ranges from 0 to 255, with higher ranks granting broader access to workflows and data created within the system.

How Role Rank Works

The Role Rank is assigned based on the designations and hierarchy within an organization. This system determines which roles have specific permissions or access.

If a user's role is added to the designer permissions, the following applies:

  • If their Role Rank is lower than that of the current assignee, the action item in the workflow dashboard will not be visible.
  • This visibility is also controlled by Role Ranks.

A user's role rank is determined as the highest among all roles assigned to them.

  • An anonymous user is assigned a Role Rank of 0, which is the minimum available.
  • The maximum Role Rank is 255, assigned by default to the Super Admin role.

Super Admins have the authority to grant access to workflows or data to other roles or departments. Only after this permission is granted can those roles access specific workflows.

Workflow Roles and Role Rank

Under the ‘Administration’ tab → Application Permissions → for a workflow, user permissions are assigned based on their Role Rank. The system automatically checks the user's role name and assigns viewing permissions. 

For example:

  • If a user has only view permissions, they will be able to see records but not edit them.
  • If a user has a TAP Role Rank but lacks the "Allow to manage workflow" permission, they will only see the "Edit Request" and "Reassign" buttons on the dashboard. In this scenario, the user can view the record but cannot manage it. For stages assigned to multiple users or collaborative stages, only the "Edit Request" option will be available.

  • For other actions, such as "Cancel Signature," the "Allow to cancel eSignature Documents" permission must be granted, after which Role Rank comparison will come into effect. They will only see basic information like Request Number, Edit, Show Linked Records, Resend Notification, and Remove.

Role Rank and Visibility

The Role Rank system is flexible and customizable, depending on the client's environment and use cases. Organizations can assign ranks based on internal hierarchies, enabling a structured and secure workflow. 

Role Rank with Multiple Roles

If a user is assigned to more than one role, the permissions of the role with the highest rank will be applied. The visibility and access will be based on this maximum Role Rank.

  1. If the assignee’s Role Rank is higher than the user who initiated the workflow, the assignee will be able to view the record without needing explicit visibility permissions. Let us clearly understand this with the following use case:

Use Case: Managing Workflow Visibility and Action Permissions Based on Role Ranks

A workflow named "CNDA" is created by a super admin. The workflow consists of two stages. At the second stage, a user with the role "Legal" and rank 20 is assigned. The workflow has "Visible to Requestor" permission enabled, as well as "Allow to Manage Workflow" permission for the "Finance" role (rank 20). Additionally, it has "Visible to Dashboard" permission for the department associated with users in the Finance role.

After the super admin initiates and submits the workflow, the following occurs:

  1. Legal Role User (Current Assignee): The user with the "Legal" role can view the workflow on their dashboard due to the "Visible to Requestor" permission. As the current assignee, they also see the "Edit Request" and "Reassign" options.
  2. Finance Role User: The user with the "Finance" role can also view the workflow on their dashboard based on the "Visible to Dashboard" permission. Since the Finance role's rank (20) is equal to the Legal role’s rank, the user with the Finance role can see both the "Edit Request" and "Reassign" options. However, if the Finance role had a rank lower than 20, the user would not see these action buttons.
  1. Users with lower ranks can only view records if they have been granted visibility to the TAP dashboard. The Role Rank logic system applies to collaboration stages. In a standard collaboration stage without section-based permissions, the Role Rank logic is applied. However, in stages with section-based permissions, the Role Rank logic does not apply.

Let us understand this better with the following use case:

Use Case: Role Rank and Section-Based Permissions in a Collaboration Stage

Collaboration Stage Setup:

  • A collaboration stage in a workflow has three types of users:

    • Member (Role Rank: 10)
    • Editor (Role Rank: 15)
    • Administrator (Role Rank: 25)

  • The stage does not have section-based permissions applied.

  1. A user who is not part of the collaboration is granted the following permissions:

  • "Visible in Dashboard" permission
  • "Allow to Manage Workflow" permission
  • The user has a Role Rank of 12.

  1. Since this user's Role Rank (12) is higher than the Member role (Rank: 10) but lower than the Editor (Rank: 15) and Administrator (Rank: 25), they are granted access to the "Edit Request" action in the workflow.

  2. However, their permissions within the form itself are limited:

  • They can view the form data as a Member because their Role Rank is higher than 10 (Member).
  • They cannot edit, save, or submit the form since their Role Rank is lower than 15 (Editor) and 25 (Administrator).
  • If their Role Rank had been equal to or higher than the Administrator's (Rank: 25), they would have been able to fully edit, save, and submit the form.

Additional Scenario with Section-Based Permissions: 

  1. If section-based permissions are applied to the collaboration stage, and a Member (Role Rank: 10) is explicitly listed under the Section-Based Permissions tab, the system enforces stricter access controls:
    1. Even though the external user with Role Rank 12 has the "Allow to Manage Workflow" permission and a Role Rank higher than the Member (Role Rank: 10), they will not be able to access the "Edit Request" action.
    2. This is because section-based permissions take precedence, and users listed within the Section-Based Permissions tab are prioritized, regardless of Role Rank comparison with users in the general collaboration tab.

This use case demonstrates how permissions in a collaboration stage are influenced by both Role Ranks and section-based permissions. A user’s ability to view or edit the form depends on their Role Rank relative to other roles, but section-based permissions can override general Role Rank-based access, enforcing stricter controls on specific users.

The Role Rank system is a powerful tool to manage permissions and workflow access within an organization. It offers a structured hierarchy that helps control user access based on role designation, making it possible to manage workflows and data securely. Role Rank ensures that access is granted according to an organization's needs, providing flexibility while maintaining data visibility and security.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Reference
  2. Tags
    1. Mutliple Roles
    2. TAP Role Rank
    3. Workflow rank
    4. Workflow Role