Simple Roles with single access types. See the example below, when you create a Generic Role, you have to specify it as Generic, and you can only select one Access Type, out of,  Read, Write, NECR, ECR or ER.

Please note, you have to select Company/Divisions, where, you want this role to be applied, e.g. if you would be using this Role, across, company 100 and all Divisions, you must select all divisions for company 100.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/39f2b7e1-aab9-492a-9ccb-d5375dde07a1/image2018-11-15_16-32-44.png

This will create only one Role, which can be assigned to any User, who has access to the Company/Divisions defined here.

Note: When you add Roles to Users, the Screen that shows, available Roles, is loaded based on, two factors,

  1. Role Division Access.

     ![<https://s3-us-west-2.amazonaws.com/secure.notion-static.com/8bc151dd-5b8c-47e9-b701-76da7fda1e3b/image2018-11-15_16-50-47.png>](<https://s3-us-west-2.amazonaws.com/secure.notion-static.com/8bc151dd-5b8c-47e9-b701-76da7fda1e3b/image2018-11-15_16-50-47.png>)
    
  2. User Division Access

     ![<https://s3-us-west-2.amazonaws.com/secure.notion-static.com/64840b73-41dd-436b-ae10-fbc5c2be34b4/image2018-11-15_16-52-41.png>](<https://s3-us-west-2.amazonaws.com/secure.notion-static.com/64840b73-41dd-436b-ae10-fbc5c2be34b4/image2018-11-15_16-52-41.png>)
    

If you see the examples above, the User RKTEST91, does not have access to Divisions defined in the Role for Purchaser.

Hence, he will not get that Role as option to link to this User.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/43e8986a-0f26-4699-b003-625fb8e8fda4/image2018-11-15_16-54-17.png