In LabLog, by default everyone has a "User" role. This role has the minimum level of access permission (the "Audit" permission). For a definition of available permissions see Permissions in LabLog.
To allow users to do more with LabLog, you can create custom roles with specific permissions turned on. For example, you can create an "Approver" role and assign it to individuals in your team who are responsible for approving documents. The "Approver" role will have the approve permission turned on.
The LabLog admin team can set up roles and their permissions for your team. This is performed during LabLog implementation for your team. You can have an unlimited number of role and permission combinations. Each role will have a unique id and it can be assigned to multiple users. Each user will have only one role.