'System Role' refers to a group of users. You can define roles however you want, but you will want to be mindful of the way their permissions are grouped when creating them. Actionstep offers a few basic system roles by default. You can edit these or create new ones from scratch.
Once you have created or edited your system roles, you can start configuring the set of permissions for each. Permissions can be set on a modular basis, and through 'system objects' for various aspects of the system. Additionally, you can control user permissions through Menu Permissions.
In this article, you will learn how to configure permissions for groups of users referred to as 'system roles'.
Creating a new System Role
To create a new system role, navigate to:
Admin -> Users & Permissions -> System Roles
Once you are on this page, click on 
and you will be taken to the 'Edit System Role' page. When creating the new role, you can set a default rate sheet against the role, and provide access to certain Application permissions. There is a toggle for each module that will allow that system role to access the specific module or 'Admin' menu for that module.
Once you are happy with your settings, click on 'Create System Role' to create the new role.
Data Permissions
The next section you will want to tackle is 'system object permissions'. This is the core set of permissions that governs the level of access each group of users has. To edit to the system object permissions, navigate to:
Admin -> Users & Permissions -> Data Permissions
You will then be taken to the 'System Object Security Editor'.
Click on the drop-down field for 'System Object' and select the set of permissions you would like edit.
For example, if you wanted to provide the specified system role access to a particular matter type, you would select that matter type from the 'System Object' drop-down field. When you select a system object, you will usually see a set of permissions ranging from 'can_view' to 'can_delete' - to enable or disable one of these actions, simply click on the panel, as per the screenshot below.
When you create a new user that is not an Admin, you will most likely need to enable these settings. For example, if you create a new matter and your new user is unable to view the new matter, they do not have the can_read permissions enabled for this specific matter type. You will need to follow this process for all matter types you want your new user to view or edit.
When you are finished editing the settings for a system object, click on the 'Save' button to save any changes.
Some permissions are tier-based. For example, users will only be able to access matters of a certain type if the 'can_view' panel is enabled for both the specific matter type but also the 'Action table' object as well.