How do I set permissions?

Talexio Support
Talexio Support
  • Updated


What you can see and do on Talexio depends on the permissions you have in place. These rights can be granted either on an individual level or via a permission role. It is important to grant users the correct permissions before giving them access to Talexio. Although this might sound daunting, the instructions in this article will make things much simpler for you.


To be able to set permissions, you will need the Manage Permissions permission set on Global (more information on this will be explained further on). You can also assign users permission roles if you have the Assign Roles permission. For information on this, click here

What is a permission?

A permission is the right to perform a particular action. A permission can be granted at a local level or a global level. For example, I may have the right to approve leave for certain employees. 

The below are examples of permissions:



What is a role?

A role is a collection of permissions that you can create to give the same permissions to multiple users without having to modify each employee’s permissions individually. A role would be linked to many employees and many permissions. For example, an Admin role includes the rights to do anything on the system. A team member role, on the other hand, has basic permissions such as requesting leave.



When setting up your Permissions structure, it is best to set up the role first. You can then assign employees this role. When using Talexio for the first time, a number of default roles will have already been set up (but will not have been assigned to employees) The default roles are:

  1. Admin (this role gives the user the rights to everything on the system);
  2. Team Member (this is a basic employee role which allows the user to view their own personal data and request leave for themselves);
  3. HR Manager (this role gives the user the rights to approve leave and manage employee data - but not payroll);
  4. Manager (this role is the same as the HR Manager role, but it only allows the user to approve leave and manage employee data of employees within their own department);
  5. Payroll Admin (this role gives the user the rights to manage payroll for the company).



Global, unit, and employee level permissions

When adding a permission, you need to select what level the permission is granted. There are 3 levels: global, unit, and employee.


Global permissions grant access to the particular feature globally. For example, if employee X has the 'Approve Leave' permission assigned to him/her and this is set to 'Global', this means that employee X can approve the leave of anyone in the company. 



Unit Permissions

Unlike Global permissions, local permissions require you to choose over which Units (Departments) or Employees the permission applies. For example, the permission to ''View Employment Position History'' of the Human Resources department only. Multiple departments can be added this way.



When adding a permission at unit level, you may select “include self”. To use the above example, if you have 'View Employment Position History' permission on your own unit/department and including yourself, it means you will be able to view the positions of anyone within your department including yourself. If ''Include self'' is unticked then you will be able to see the positions of the employees within your department excluding yourself?

Employee Permission

You might want to give certain employees permission to action certain tasks for specific people. For example, Manager X can approve leave of own unit and also of the front office receptionist who falls in another unit.





Granting users permission

So how do you actually grant a user permissions? Keep reading for a step-by-step guide:

Assigning a user to a role

      1. Go to the Permissions section
      2. Choose the Permission role by clicking on it. The middle column will show you the permissions assigned to that role. 
      3. In the 3rd column (employees), there is a button '+Assign employee'. Click on it and select the employee.

Assigning additional permissions

After setting up the employees within Roles, you may add additional permissions directly to the employee. 

For example, Employees A, B, and C may all be in the Team Member role. Therefore, each of these employees can request leave for themselves and can view their profiles (including their annual salary or hourly rate). However, it might be that employee C should have the permission of approving the leave of Employees A and B. Since this permission needs to be given to Employee C only, we will need to give the employee an additional permission. 

To do so, follow the below steps:

    • Go to the Permissions section
    • Choose the Permission role by clicking on it. 
    • In the 3rd column (employees), you will see the list of employees who have the Team Member role. Click on the employee to whom you wish to give additional permission(s).


    • The view will change slightly. The first column will become the employee list (with the chosen employee still selected). The second column will now show the Roles which the employee has assigned to him/her (an employee may have more than one Role assigned to them). The third column will show any additional permissions:


    • Click '+Assign permission' to grant the employee and additional permission. 


      1. Select the permission from the drop down menu. For example, select 'Approve Leave'.
      2. Grant this permission globally. This means that the employee (in this case, Yan Attard) will be able to approve the leave of everyone within the company. If this should not be the case, then you can select one of the two remaining options:
      3. Select employees. Click on '+Add employee'. For example, add Mark Aquilina and Kate Abela. Like this, Yan can approve the leave of Mark and Kate only. But if that is not the case, then there is one more option.

      4. Select units. Click on '+Add unit'. For example, add Own unit. Like this, Yan can approve the leave of anyone who falls within their department (as per the organisation chart structure). By default, clicking on '+Add unit' will bring up your own unit. The switch 'include self' will also be selected. If you want to remove self (in this case self refers to the employee to whom this permission is being given, i.e. Yan Attard), just untick the switch. 


      • One more thing you may want to do is give your employees a permission (such as 'Approve Leave' for their own unit) but exclude certain employees from this. So let's say Yan can approve the leave of his own unit/department. However, within this department are 2 directors whose leave Yan does not have permission to approve. In that case, you will still need to add the unit. After doing so, add the two employees and click on the exclude switch: 


      Can I customise an existing role?

      Earlier, we mentioned that there are pre-set roles, such as Team Member. However, you are at complete liberty to edit or delete any existing roles. Of course, you may also create a new role entirely. 

      As per the below screenshot, clicking on the delete icon will remove a role. Clicking on the edit icon will edit the name of the role.


      To edit the contents of the role, click on the role:



      If you want to add a new role entirely, follow the below steps:

      • Go to the Permissions section
      • Select '+Create Role' and give the role a name
      • Then click on the role and click on 'Assign Permission'. From the list, select the permissions applicable to this role (they may be edited at a later stage should you wish to). Select whether these permissions are going to apply on a global, employee or unit leave and press save.


      • Lastly, click on '+Assign Employee' and select the employees who are to be assigned to this role. An employee may be added or removed at any stage. 

      Do I need to refresh Talexio if I change an employee's permissions?

      When you change permissions for a user (add more permissions or remove permissions), the user concerned might need to refresh their page in order to see the new changes taking effect.

      For a list of all available permissions, click here.