User Roles & Security Groups
Shell18 defines six security groups that control what each user can see and do.
| Group | Code | Purpose | Typical Users |
|---|---|---|---|
| Collection | shell18_collection | Access to collection-related operations | Collection staff |
| Customer Invoicing | shell18_customer_invoicing | Access to customer invoice operations | AR staff |
| Vendor Bills | shell18_vendor_bills | Access to vendor bill operations | AP staff |
| Disbursement | shell18_disbursement | Access to disbursement operations | Treasury staff |
| Super User | shell18_super_user | Full access to all Shell18 features, can delete records | Station managers, admins |
| CVGo Processor | shell18_cvgo_processor | Upload, validate, and post CVGo data (cannot delete) | Station encoders |
Permission Matrix for CVGo Data
| Operation | Super User | CVGo Processor | Regular User |
|---|---|---|---|
| View CVGo data | Yes | Yes | Yes |
| Upload CVGo ZIP files | Yes | Yes | No |
| Validate data | Yes | Yes | No |
| Post data | Yes | Yes | No |
| Register payments | Yes | Yes | No |
| Delete records | Yes | No | No |
| Configure MOP accounts | Yes | Yes (create/edit only) | View only |
Combining with branch isolation
Group membership controls what actions a user can take. Branch visibility is controlled separately by the user's company_ids and the record rules described in Multi-Branch Setup → Record-level isolation.
A typical station encoder:
- Member of
shell18_cvgo_processor company_ids= just their own branch (so they only see their own CVGo data)
A typical accountant for the whole group:
- Member of
shell18_customer_invoicingand/orshell18_collection company_ids= all six branches plus Panville (so they can consolidate)