Skip to main content

Permissions - Configuration and Usage Manual

Updated

Users in Buk can have an assigned profile. This profile is composed of a set of permissions configurable in the Profiles section of the Users and Profiles module.The following image shows the structure used to organize the permissions within a profile, includingTabs,Entities or Groupers,PermissionsandActions.

Hierarchical structure of permissions

Permission configuration in Buk follows a hierarchy that allows organizing access by levels and avoiding inconsistencies between modules. These are its components:

Tabs

They are the general accesses to each module or area of the platform (for example: Administrativo, Remuneraciones, Información, Sistema).
If a tab is not enabled, no internal part of the module can be used.

Entities or Groupers

They are sections within each tab that group several related permissions together.
Example: insideAdministrativo, the groupColaboradorescontains permissions such as Información personal, Previsión, Trabajos, etc.

Permissions

They are the specific accesses within each grouping. Each permission controls what type of information or process a user can view or modify.

Actions

When configuring a profile, you can define these actions for each module or type of information. The available actions vary by grouping, and are:

  • No: No permission to view the information.
  • Yes: Permission to use the module.
  • Read: Can view information, excluding sensitive information.
  • Sensitive read: Can view all information, including sensitive data related to payments (for example, base salary, gratifications, bonuses, among others).
  • Modification: Can view and modify information.

Some permissions have additional actions depending on the capabilities of the associated module.

The ability to edit actions may vary depending on the subscribed plan (Esencial or Pro). To better understand this segmentation, review the article:How do permissions work according to the subscribed plan (Esencial or Pro)?

Dependencies between permissions

Some permissions require another permission to be configured at a minimum level to enable their use.

When a change requires updating dependent permissions, the platform will show aconfirmation modalto prevent lockouts or inconsistent configurations.
 

Below, all permissions available on the platform are presented in detail:

⚠️ Note:
If you cannot find a permission in your platform, it may be because you do not have the corresponding module, it belongs to another country, or it is deactivated. To activate it, please contact a SAC agent for assistance.

Administration

Employee Management

  • Employees:Allows viewing or modifying the employee's personal and social security information. Users with the "employees" permission and without the "trabajos" permission can see the following "importadores", "exportadores" and "Ficha del empleado".

🚧 Permission subject to Area Limit

  • Trabajos:Allows viewing or modifying the employee's contractual information. If the user has the "trabajos" permission, they will see the employee record opened from the “resumen”.

📌Dependencies: To access Trabajos, at least read permission on Employees is required

🚧 Permission subject to Area Limit

  • Block by RUT/RFC/RG/CPF/Document number:Blocks rehire. The employee may apply to other selection processes and be an applicant on the condition that the block icon will be shown and a new record or new work cannot be created

🚧 Permission subject to Area Limit

  • Logs and Notes:Allows viewing or modifying records in the employee's log and notes. It also allows leaving comments associated with performance evaluations. It will allow viewing the log in the employee file (feedback, action plans, evaluation and recognition) and also editing them.

🚧 Permission subject to Area Limit

  • Vacation record:Allows viewing or modifying the vacation record and request. Will be able to view and/or edit the vacation record (load balances, add taken vacations).

🚧 Permission subject to Area Limit

  • Vacation Approval:Can be modified only when the Vacaciones permission is set to Read. Will be able to view vacation requests to approve or reject them.

📌Dependencies: This permission depends on “Registro de Vacaciones” being in Modification

🚧 Permission subject to Area Limit

 

Advances

  • Advances:Allows consulting the advances made through Buk Adelantos. This permission is not subject to area limits.
     

Requests

  • Requests:Allows viewing workflow requests. Modification: Allows modifying, deleting and approving workflow requests and templates. Modification allows creating new workflow templates, and viewing, downloading, approving, rejecting, deleting and returning any request. Read allows viewing and downloading any request. Additionally, requesters and participants in the request approval flow will be able to view and interact with them.

    📌New hire and Movement requests are subject to area limits (they are not visible from the requests view if they do not correspond to the permitted areas).
    🚧 Flexible Requests, Termination, Pre-entry and Search are not subject to area limits.

    Form fields can be limited by area permissions from the template configuration. For more detail, you can see the articleHow do permissions work in the Workflow module?

Organization

  • Positions:Allows managing and viewing positions across the platform. Specifically the viewing of the Positions section. To have editing over positions you must have the Trabajos permission. This permission is not subject to area limits.
  • Areas:Allows viewing and editing the company's area structure, particularly access to the Areas section. Area limits may filter part of this permission. This permission is not subject to area limits.
  • Locations:Allows viewing and creating locations. This permission is not subject to area limits.
     

Compensations

  • Salary Bands:Allows viewing or modifying the salary bands of positions. Allows editing the bands only if you have the edit permission.
     

Attendance

  • Attendance:Allows viewing or modifying attendance information for the employee. Has permission to view and/or edit employees' attendance calendar (vacations, leaves, absences, permissions).

🚧 Permission subject to Area Limit
 

  • Vacation Configuration:Allows viewing or modifying vacation types. Will allow viewing vacation types and modifying them (apply number of overdrafts, change the vacation name, change the type of approval and whether it expires or not). This permission is not subject to area limits.

Documents and Signature

  • Employee Documents:Allows viewing or modifying employee documents. On one hand, it allows accessing Documents > All on the profiles of all employees. On the other, it allows accessing the documents table, particularly the tabs: All pending, All documents and Trash.

🚧 Permission subject to Area Limit
 

  • Templates:Allows access to the Templates section within Documents and Signature. This permission is not subject to area limits.
     

Onboarding

  • Onboarding:Allows viewing and creating processes. Read: access to view onboarding processes and their tasks. Modification: also access to create and modify onboarding processes. This permission is not subject to area limits.
     

Asset Management

  • Asset management Inventories and orders:Allows creating Categories and Products to create an asset from them, along with granting access to inventory and the orders hub. This permission is not subject to area limits.
  • Asset management configuration:Allows creating, assigning and generating movements for assets, as well as managing orders. Grants access to the product catalog that serves as the basis for asset creation. This permission is not subject to area limits.

     

Payroll

Processes

  • Processes:Allows creating and managing processes. Modification is allowed only when the Colaboradores permission has at least Sensitive Read. Modification is allowed only when the Colaboradores permission has at least Sensitive Read.

📌Dependencies: To access Electronic Payroll, you must have at least Sensitive Read on Colaboradores

🚧 Permission subject to Area Limit

  • Changes in Restricted Liquidations/Change in the payroll receipt:When set to "Modification" it allows the user to enter changes in the liquidations that are under restriction. When set to "Modification" it allows the user to enter changes in the liquidations that are under restriction. The user should at least have some permission to modify open liquidations.

📌Dependencies: can only be enabled if at least one of the following permissions is at Modification level

  • Trabajos

  • Item assignment

  • Asistencia

🚧 Permission subject to Area Limit

 

Boletas de Honorarios

  • Boletas:To be able to modify boleta orders you must at least have read permission on servicios honorarios. In read it allows viewing boleta orders and in modification it also allows creating them. The servicios de honorarios permission must be at least in read.

📌Dependencies: This permission depends on the “Servicio de Honorario” permission being active

🚧 Permission subject to Area Limit

  • Services:In read it allows viewing servicios de boletas de honorarios and in modification it also allows creating them.

🚧 Permission subject to Area Limit
 

Items

  • Items:Allows creating items or modifying existing ones. Allows viewing, creating or modifying items, depending on the permission level.

🚧 Permission subject to Area Limit

  • Item Assignment:Modification is allowed only when the Items Administration permission is assigned the 'read' or 'modification' permission. Allows assigning items and depends on the administration permission (it must be at least in read).
    📌Dependencies: This permission depends on one of these permissions being in 'Modification':
    • Trabajo
    • Items
    • Asistencia
  • 🚧 Permission subject to Area Limit

 

Tratos

  • Tratos Administration:Allows creating or modifying places, tasks, rates  and units of tratos.

🚧 Permission subject to Area Limit

  • Tratos Registry:Allows assigning and viewing tratos assigned to employees.

🚧 Permission subject to Area Limit

 

Final settlements

  • Final settlements:In read it allows viewing or exporting final settlements. In Modification it also allows simulating, importing and creating final settlements. In read it allows viewing or exporting final settlements. In Modification it also allows simulating, importing and creating final settlements.

📌Dependencies:

  • If Trabajo has Modification, then Finiquitos is set to Modification.
  • If Trabajo has Sensitive Read, then Finiquitos is set to Read.
  • If Trabajo has Read or No, then Finiquitos is set to No

🚧 Permission subject to Area Limit

 

Files and payments

  • Download Payroll File:Allows downloading the bank transfer. Modification can be granted only if you have the Processes permission and at least Sensitive Read in Colaboradores. Allows downloading the bank transfer. Modification can be granted only if you have the Processes permission and at least Sensitive Read in Colaboradores. This permission is subject to area limits.

📌Dependencies: This permission depends on the “Procesos” permission being active

  • Send Payroll File:Allows sending bank file to an sftp/Ftp server. Modification can be granted only if you have the Processes permission and at least Sensitive Read in colaboradores. Allows sending bank file to an sftp/Ftp server. Modification can be granted only if you have the Processes permission and at least Sensitive Read in colaboradores. This permission is subject to area limits.

📌Dependencies: This permission depends on the “Procesos” permission being active
 

 

Electronic Payroll

  • Electronic Payroll:Allows issuing electronic payroll

📌Dependencies: To access Electronic Payroll, you must have at least Sensitive Read in Colaboradores. In the case of Mexico, it is the CDFI.

 

Organizational Development

Talent

  • Evaluations:Allows viewing, creating and modifying performance evaluations. Administrators can define which roles have access to view and edit evaluations. This includes the ability to assign evaluators, set deadlines and configure evaluation forms.

    Results visibility: It can be configured who has access to evaluation results, allowing only certain roles, such as managers or human resources, to see the full results. This permission is subject to area limits.
  • Goals:Goal assignment and tracking: Supervisors can assign goals to their teams and track progress. Permissions define who can edit or close goals.

    Goals visibility: It can be set whether goals are visible only to the employee and their supervisor or if they can also be seen by other team members. This permission is subject to area limits.
  • Continuous feedback:Anonymous or identified feedback: It is possible to allow employees to provide feedback anonymously or identified, depending on the configuration set by the organization.

    Access to Feedback: Permissions can determine who can see the feedback received by an employee, whether the employee themself, their direct supervisor or human resources. This permission is subject to area limits.
  • Action plans:Allows viewing, creating and modifying action plans. Creation and editing: Action plans can be created by supervisors or by human resources, and permissions determine who can edit them or mark them as completed.

    Progress tracking: Permissions also control who can view the progress of an action plan, allowing proper monitoring by those responsible. This permission is subject to area limits.
  • Development:Allows visualizing employees' growth potential. This includes:
    - Access to the Ninebox view or talent matrix (performance vs. potential), if enabled.
    - Viewing information associated with potential declared by leaders or evaluators in evaluation processes.
    - Ability to analyze this information to make decisions about career plans, succession and individual development. This permission is not subject to area limits.
     

Selection

  • Selection:Allows viewing and creating selection plans. Read: access to view all selection processes and applicants. Modification: also access to create and modify the processes. Administration of process templates, automations, forms and selection emails. This permission is subject to area limits.
     

Portal Administration

  • Portal Administration:Allows administering portal cover types, publications, quick actions, birthdays and pending tasks. Allows configuring covers, quick actions and publications in the collaborator portal. This permission is subject to area limits.
     

Recognitions

  • Recognitions:Allows administering recognition types and viewing all recognitions made. Gives access to create recognition types, general configurations and recognition history This permission is subject to area limits.
     

Surveys

  • Climate Survey:Allows configuring, managing, reviewing results and setting the visibility criteria in climate surveys. This permission is subject to area limits.
  • Open Survey:Allows configuring, managing and reviewing results in open surveys. This permission is subject to area limits.
     

Whistleblower Channel

  • Whistleblower Channel:Full access to the module. This permission is not subject to area limits.
     

Employee Service

  • Employee Service:Enables direct access to Intercom. This permission is not subject to area limits.
     

Benefits

Benefits

  • Benefits:Allows creating and editing benefits, benefit plans and performing actions on their requests. This permission is subject to area limits.
  • Benefit request approvals:In case of Modification, it allows performing supervisor actions on benefit requests. This permission requires visibility permissions on employees to display requests. This permission is subject to area limits.
     

Training

Training

  • Training:Controls the actions each user can perform within thedashboard, ensuring secure and personalized management. Grants access to data and configurations of the LMS module, including courses, paths, instances and multimedia. This permission is not subject to area limits.
     

User Role

  • User Role:Defines the access level and responsibilities of users within the educational system, adapting the experience according to their role. This permission is not subject to area limits.
     

Information

Reports

  • Reports:Access to the platform reporting. This permission is not subject to area limits.
     

Importers

  • Importers:Access to the platform importers. This permission is not subject to area limits.
     

Exporters

  • Exporters:Access to the platform exporters. This permission is not subject to area limits.
     

Copilot

  • Copilot:Allows access to the copilot system in the side menu. This permission is not subject to area limits.
     

System configuration

  • General parameters:Access to the platform's general configurations.
  • Custom attributes:Allows viewing, creating and modifying custom attributes.
    🚧 Permission subject to Area Limit
  • Task reminder:Access to configure the weekly reminder email of pending tasks for the entire company.
  • Companies:Access to business names within the platform.
  • Company variables:Access to all variables the Company has had (Mutual, compensation funds, family allowance).

📌Dependencies: Depends on the Companies permission.

  • Unions:Access to unions information.
  • Accounting accounts:Allows creating/reading/editing/deleting accounting accounts in the Accounting Accounts administration view (admin/cuentas_contables). Also allows associating items with accounting accounts.
  • Cost centers:Allows viewing and creating cost center definitions.
  • Users and profiles:Allows administering users, profile types and their associated permissions.
    🚧 Permission subject to Area Limit
  • Accounting structures:Access to the accounting centralization configuration.
  • Change history: Access to the history of activities performed on the platform.
  • Localities:Access to locality information of employees' work centers.
  • API Accesses:Access to integrate Buk with other platforms via API.
  • Access whitelist:Allows managing the authorized IP addresses to access Buk's APIs.

📌Dependencies: this permission depends on having at least Read on the “Accesos API” permission

  • Webhooks:Allows managing automatic data sending to an external URL when events occur in Buk.

📌Dependencies: this permission depends on having at least Read on the “Accesos API” permission

  • Holidays:Access to manage public holidays on the platform.
  • Billing:This permission gives access to the 'Account Statement' section within Administration. Here you can see all your fiscal documents regarding your billing with Buk. Additionally, it allows uploading proof of payment to unblock your platform if you have the collections icon active.
  • Account statement:Allows accessing the Account Statement module within Administration. With this permission the user can view all invoices issued by Buk, check their payment status (pending or paid), download the documents in PDF and upload proof of payment in case they have the collections icon active.

  • Others:Allows access to Administration modules such as the employee service configuration, benefits and selection. It also grants access to the management of absence types and salary types, to the support chat, and to the Marketplace along with its integrations.

     

Support Access

Support access:This permission gives you the ability to grant Buk support access.Support access is not subject to area limits, role, or data set even when the user granting it is limited.

 


 

🤖 This article was translated using artificial intelligence. View original article.