# Configuring the Set Permissions on Related Object Action (QMS)

The _Set Permissions on Related Object_ action allows Admins to configure an entry or user action that will assign an application role, such as _Viewer_, on a related object record to a user or users assigned to a defined role on the current object record. This ensures that the users assigned to the object record, such as a _CAPA Action_, will be able to access and view the related object record, such as the related _Deviation_, to assist in performing their assigned tasks while still preventing them from being able to access and view unrelated records.

This action is particularly helpful in configurations where users who are not part of a <a href="/en/gr/52842/">Quality Team</a> may need to interact with related object records to complete a task. However, this action will not support users assigned to roles through Child Security. Only roles manually assigned to the action record will be applied to related records.

## Enabling the User Action

The _Set Permissions on Related Object_ action is available as a user action or an entry action. In order to configure the action as a user action, you must <a href="/en/gr/43127/#assigning-actions-to-an-object">add it in the intended object's configuration</a>. When adding it, ensure that you do not select the **Available in All Lifecycle States** checkbox.

## Configuring the Set Permissions on Related Object Action

To configure the _Set Permissions on Related Object_ action:

  1. From **Admin > Configuration > Object Lifecycles**, click into the applicable lifecycle.
  2. In the _States_ section, click into the lifecycle state in which you want to set, or allow to be set, permissions on related object roles.
  3. In the _User Actions_ or _Entry Actions_ section, click **Edit**.
  4. Add the **Set Permissions on Related Object** action.
  5. Select one or more **Lifecycle Roles**. Choose the roles on the lifecycle's object that you want Vault to target for permission updates when the action executes.
  6. Select an **Outbound Reference Field** on the lifecycle's object. Choose the field that references the related object that Vault will target for permission updates when the action executes.
  7. If the target related object has types, select an **Object Type**.
  8. In the **Assign Permission to Lifecycle Role** drop-down, select any non-system role. Vault grants the permissions for the selected role on the related object when the action executes. You cannot select the _Owner_ role, or any role on the related object that is associated to an active Quality Team Role for that object type.
  9. If you are configuring the action as a user action, add an **Action Label**.
  10. Click **Save**.