Unusual Suite supports multi-user environments where people share data but have different levels of access. Two mechanisms control what each user can see and do: roles (which records a user can manage) and profiles (which data types and fields a user can read or change).
Roles reflect your team hierarchy. You can assign a user one or more roles, and a role can report to another role. A role inherits entitlements from all roles that report to it — inheritance flows down the chain.
Records like contacts, organizations, projects, and activities can have an owner. Who can manage a record depends on whether an owner is set:
Roles give you a vertical view of your data — they determine which records in a type you can reach.
User A has the role CTO. User B has the role SW Engineer. The SW Engineer role reports to CTO. User A owns the activity Lunch with customer; User B owns the activity Project status report.
User A can see and manage both activities, because SW Engineer reports to CTO. User B can only see and manage Project status report, because User B's role does not sit above User A's role in the hierarchy.
Profiles control what you can do with each type of record — whether you can read it, edit or add it, or delete it. They can also control access at the field level: for example, the Project value field on a project can be writable for one profile and read-only for another. A user can have one or more profiles assigned, and their active entitlements are the combined superset of all assigned profiles.
Profiles give you a horizontal view of your data — they determine which fields and record types you can act on.
Profile Sales can read and write the Project value field on projects. Profile Engineering can only read that field. User A has the Sales profile; User B has the Engineering profile. Both users can read project P1. User A sets Project value on P1 to $99. User B can see that value but can't change it.
Some data types follow stricter ownership rules. Time entries can only be managed by their owner and by users whose role the owner's role reports to.
Email accounts work as follows: if an email account has an owner, the owner and any user with the Administrator profile can manage it. If no owner is assigned, only users with the Administrator profile can manage it.
You can't delete users — historical data must stay consistent. You can disable them instead. When you disable a user, all their roles and profiles are removed. Any active records they own are transferred to a different user, which you must select before starting the process.
Active records include: projects in a non-terminal stage, issues in a non-terminal stage, tickets in a non-terminal stage, activities that aren't completed, and all contacts and organizations.
Any unshared emails and email accounts owned by the disabled user are removed. Once a user is disabled, they can't be assigned as the owner of any record.
Transferring ownership of active records may trigger workflows. Consider temporarily disabling the relevant workflows before you disable the user.
Only users with the Administrator profile can manage custom fields.