Use this page during onboarding, UAT, and month-end operations. Each role should follow its own workflow so approvals, payroll inputs, and audit logs stay clean.
Super Admin
Owns system configuration, permissions, deployment readiness, and final governance.
Do this
Create HR Admin, Team Lead, and Employee accounts from Settings > Users.
Review Role Permissions and keep Super Admin locked with full access.
Configure company settings, office locations, payroll rules, and governed jobs.
Monitor audit logs, job runs, payroll approval readiness, and production health.
Avoid
Do not submit employee tasks, contributions, leave, attendance, or expenses.
Do not use Super Admin as a daily employee account.
HR Admin
Runs people operations, attendance governance, documents, leave, expenses, and payroll preparation.
Do this
Create and maintain employees, departments, shifts, employee documents, and ID cards.
Review attendance corrections, leave requests, salary advances, and expense claims.
Set or confirm payroll rules before generating payroll for a period.
Run UAT checks for HR flows before month-end payroll.
Avoid
Do not edit Super Admin access.
Do not approve payroll without reviewing inputs and reports.
Team Lead
Assigns and reviews team work while supporting leave and contribution review.
Do this
Create predefined tasks with defined points and assign them to employees.
Review submitted task proof, approve/reject work, and award points.
Review employee contributions when applicable.
Check task reports for workload, overdue work, and review turnaround.
Avoid
Do not submit work for employees.
Do not change payroll or company-level settings.
Employee
Uses the ERP for self-service daily work, attendance, leave, expenses, and proof submission.
Do this
Check in/out from Attendance when inside the approved GPS/IP rules.
Open assigned tasks, upload proof, and submit notes for review.
Submit extra contributions for work outside predefined tasks.
Request leave, salary advance, and expenses with required proof files.
Avoid
Do not use another employee account.
Do not submit duplicate proof unless a reviewer asks for resubmission.
Operational scripts
Use these flows for real testing
Task Points To Payroll
1Team Lead creates a task and defines points.
2Assigned Employee submits proof and notes.
3Reviewer approves and confirms awarded points.
4Payroll uses approved task points with the configured point value.
Contribution Points
1Employee submits extra work as a contribution.
2Reviewer checks proof, category, and point request.
3Approved contribution points are captured for payroll.
4Rejected contributions stay visible in history but do not pay.
Attendance Governance
1Employee checks in/out with GPS/IP validation.
2System stores attendance logs and anomaly flags.
3Corrections require a review trail.
4Finalization job locks daily attendance for payroll input.
Files And Documents
1Upload files only through the relevant workflow.
2Private files use short-lived signed download URLs.
3Document review keeps verification status and expiry visible.
4Audit logs track file access and governance actions.
Payroll Run
1Confirm payroll rule point value and deduction settings.
2Generate payroll for the target period.
3Review attendance, task, contribution, expense, and advance snapshots.
4Approve, lock, and publish payslips.
Security Controls
1Use separate accounts for each role.
2Keep Super Admin for governance, not daily submissions.
3Review role permissions after seed or deployment.
4Use UAT scripts before go-live and after major changes.