
How does Furious evaluate the permissions?

Updated over 2 months ago

Business Context and Objective

Furious offers two complementary systems for managing access rights:

• Permission Management (Settings > Permission Management)

• Module-specific Configurations (Settings > CRM, Business, Project, etc.)

These two systems may seem redundant, but they address distinct needs and complement each other.

Understanding this architecture allows you to configure your users' access rights accurately and anticipate Furious's behavior based on a given configuration.

Permissions Architecture and Complementarity

Furious applies permissions according to 3 complementary mechanisms:

Level 1 — Access Permissions (Permission Management)

Role: Determines WHO can access a page or feature.

Location: Settings > Furious Configuration > Permission Management

Functioning:

• If the user does not meet the criteria defined in the permission → Access Denied

• If the user meets the criteria → Access granted to the page

💡 Tip: Access permissions are the first control. Without page access, other configurations do not apply.

Example:

• Permission "CRM: access the CRM page" configured as "Authorization Level: Admin, Management, Business"

• A user with the "Project" role → Does not see the CRM page at all

• A user with the "Business" role → Accesses the CRM page


Level 2 — Visibility Filters (Configurations by Module)

Role: Determines WHAT DATA the user can see on the page they have access to.

Location: Settings > Furious Configuration > [Relevant Module] > General Configuration

Functioning:

• These configurations automatically filter displayed data according to the user's authorization level

• They apply after the user has accessed the page

Examples of filter configurations:

| Module | Configuration | Impact |
| --- | --- | --- |
| CRM | "Allow project users to access all contacts" | If NO: "Project" users only see contacts they are assigned to |
| CRM | "Allow project/business to access all cards in the CRM pipeline" | If NO: "Project" and "Business" users only see cards they are assigned to |

💡 Tip: Module-specific configurations refine visibility after page access is granted.


Level 3 — Specific Actions

Role: Determines WHAT the user can do with the data they have access to.

Location: Settings > Furious Configuration > Permission Management (specific action permissions)

Functioning:

• These permissions control specific actions like: create, edit, delete, export, validate, etc.

• They apply after the user has access to the data

Examples:

• "CRM: edit a contact"

• "Quote: delete a quote"

• "Project: validate a project"


Best Practices and Examples

Example 1: CRM Contact Confidentiality by User

Objective: Salespeople (Project/Business) only see their assigned contacts, Management sees everything.

Recommended Configuration:

Level 1 — Access Permission:

• Permission "CRM: access the CRM page"

• Option: Relevant Person

• Manually include: Management users

Level 2 — CRM Configuration:

• Configuration "Allow project users to access all contacts"

• Value: NO (defense in depth, optional)

Expected Result:

| User | Contact A (assigned to them) | Contact B (assigned to another) | Contact C (unassigned) |
| --- | --- | --- | --- |
| Business Salesperson | ✅ Visible | ❌ Invisible | ❌ Invisible |
| Project Salesperson | ✅ Visible | ❌ Invisible | ❌ Invisible |
| Director (manually included) | ✅ Visible | ✅ Visible | ✅ Visible |


Example 2: Project Pipeline Access with Hidden Financial Indicators

Objective: Grant access to the project pipeline to everyone, but hide financial indicators for "Project" profiles.

Recommended Configuration:

Level 1 — Access Permission:

• Permission "Project: access to all open projects in the project [list] and [pipeline]"

• Option: Authorization Level: Admin, Management, Business, Project

Level 3 — Action Permission:

• Permission "Project pipeline: allow viewing of project KPIs"

• Option: Authorization Level: Admin, Management, Business (exclude "Project")

Expected Result:

• "Project" users see the project pipeline but not the Revenue or Gross Margin of the projects

• "Management" and "Business" users see everything


Checks and Prerequisites

Behavior of Manual Inclusions and Exclusions

Manual Inclusions: ✅ Manual inclusion provides complete access without a filter.

Example:

• Permission "CRM: access the CRM page" configured as "Relevant Person"

• Marie (Management) is manually included

• Result: Marie sees ALL contacts (not just the ones she is assigned to)

Manual Exclusions: ❌ Manual exclusion blocks all access, even if the user matches the criteria.

Example:

• Permission configured as "Authorization Level: Project, Business"

• Pierre (Business) is manually excluded

• Result: Pierre has no access to the CRM despite his Business level

⚠️ Warning: Manual inclusions and exclusions are powerful overrides that take precedence over all configured rules.
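The evaluation order described in this article (page access, then visibility filter, then action permission, with manual overrides taking precedence) can be modelled to predict the outcome of a configuration before applying it. This is an added illustrative model, not Furious's own code; the class and function names and the user names are hypothetical, and checking exclusion before inclusion for a user in both lists is an assumption the article does not cover.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    name: str
    level: str  # "Admin", "Management", "Business" or "Project"

@dataclass(frozen=True)
class Permission:
    levels: frozenset = frozenset()    # "Authorization Level" option
    relevant_person: bool = False      # "Relevant Person" option
    included: frozenset = frozenset()  # manual inclusions
    excluded: frozenset = frozenset()  # manual exclusions

def scope(perm, user):
    """Levels 1 and 3: return 'none', 'assigned' or 'all' for one permission."""
    if user.name in perm.excluded:     # exclusion blocks access despite matching criteria
        return "none"                  # (checked first: assumption, see lead-in)
    if user.name in perm.included:     # inclusion: complete access, no filter
        return "all"
    if user.level in perm.levels:
        return "all"
    return "assigned" if perm.relevant_person else "none"

def visible_contacts(user, contacts, page_perm, project_sees_all):
    """Level 2: filter the contacts of a page the user is allowed to open."""
    s = scope(page_perm, user)
    if s == "none":
        return []                      # no page access: nothing else applies
    if user.name in page_perm.included:
        return sorted(contacts)        # manual inclusion bypasses the filter
    own_only = s == "assigned" or (user.level == "Project" and not project_sees_all)
    return sorted(c for c, owner in contacts.items()
                  if not own_only or owner == user.name)

def can(action_perm, page_perm, user):
    """Level 3: an action needs page access first, then its own permission."""
    return scope(page_perm, user) != "none" and scope(action_perm, user) != "none"

# Constructed data reproducing Example 1 and Example 2 of this article.
CONTACTS = {"A": "Sam", "B": "Alex", "C": None}   # contact -> assigned user
CRM_PAGE = Permission(relevant_person=True, included=frozenset({"Dana"}))
PIPELINE = Permission(levels=frozenset({"Admin", "Management", "Business", "Project"}))
KPIS = Permission(levels=frozenset({"Admin", "Management", "Business"}))
sam, dana = User("Sam", "Business"), User("Dana", "Management")

if __name__ == "__main__":
    print(visible_contacts(sam, CONTACTS, CRM_PAGE, False))
    print(visible_contacts(dana, CONTACTS, CRM_PAGE, False))
    print(can(KPIS, PIPELINE, User("Lee", "Project")))
```

Running the same functions over your real user list and permission settings gives a quick way to spot manual inclusions that grant wider visibility than intended.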


Technical Prerequisites

For this logic to work correctly:

• Authorization levels must be correctly assigned to users

• The "Manager" field must be filled if you are using the "Manager of the relevant person" option

• The "Assigned to" fields must be completed on CRM/Business/Project records if you are using the "Relevant person" option


To Learn More

Key Takeaways

Furious manages permissions through two complementary systems: page access permissions (Permission Management) and module-specific configurations that filter visible data. Manual inclusions provide complete access without a filter, while manual exclusions block all access. Understanding this complementarity allows precise configuration of your users' business access rights.
