Three concepts are differentiated into OpenERP;
The users: person identified by his login/password
The groups: define the access rights of the resources
The roles: determine the roles/duties of the users
They represent physical persons. These are identified with a login and a password. A user may belong to several groups and may have several roles.
A user must have an action set up. This action is executed when the user connects to the program with his login and password. An example of action would be to open the menu at 'Operations'.
The preferences of the user are available with the preference icon. You can, for example, through these preferences, determine the working language of this user. English is set by default.
A user can modify his own preferences while he is working with OpenERP. To do that, he clicks on this menu: User > Preferences. The OpenERP administrator can also modify some preferences of each and every user.
The groups determine the access rights to the different resources. There are three types of right:
The writing access: recording & creation,
The reading access: reading of a file,
The execution access: the buttons of workflows or wizards.
A user can belong to several groups. If he belongs to several groups, we always use the group with the highest rights for a selected resource.
The roles define a hierarchical structure in tree. They represent the different jobs/roles inside the company. The biggest role has automatically the rights of all the inferior roles.
Chief of projects
If we want to validate the test of a program (=role Testers), it may be done by a user having one of the following roles: Testers, Chief of the project, Technical manager, CEO.
The roles are used for the transition of Workflow actions into confirmation, choice or validation actions. Their implications will be detailed in the Workflow section.