Role system

Platform roles control user access across the platform: which features a user can access and which rights they have.

Figure (platform-roles-schema.png): schema showing basic access information for each role, ordered by access level from highest to lowest.

Glossary

  • "Admins users" or "Admins roles" refers to all roles having access to the Back Office: Super Admin, Owner and Admin.


Fundamental principles

The role system is built to respect the following principles:

  • Only Admins users can update other users' roles.

  • Admins users cannot update their own role.

  • Admins users cannot update a role to the one they have or to a higher one, which prevents privilege escalation.

  • Admins and Moderator roles cannot be given to unregistered users.

The privilege-escalation principle means that a user with the Admin role cannot update another user to the Admin role or to the higher Owner role.
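The four principles above can be expressed as a single server-side authorization check. The following is an added example, not the platform's own code: the `Role` values, the `User` fields (including `registered`) and the function name are assumptions, and the relative order of Speaker and Attendee is taken from the order in which the page lists the roles.

```python
from __future__ import annotations

from dataclasses import dataclass
from enum import IntEnum


class Role(IntEnum):
    # Ordered by access level; the numeric values are constructed for this example.
    ATTENDEE = 1
    SPEAKER = 2
    MODERATOR = 3
    ADMIN = 4
    OWNER = 5
    SUPER_ADMIN = 6


# "Admins roles" per the glossary: every role with Back Office access.
ADMINS_ROLES = {Role.ADMIN, Role.OWNER, Role.SUPER_ADMIN}
# Roles that cannot be given to an unregistered user.
REGISTERED_ONLY = ADMINS_ROLES | {Role.MODERATOR}


@dataclass(frozen=True)
class User:
    id: int
    role: Role
    registered: bool = True  # hypothetical flag for "registered user"


def check_role_update(actor: User, target: User, new_role: Role) -> tuple[bool, str]:
    """Return (allowed, reason) for `actor` setting `target`'s role to `new_role`.

    The page states no rule about the target's current role, so none is applied.
    """
    if actor.role not in ADMINS_ROLES:
        return False, "only Admins users can update roles"
    if actor.id == target.id:
        return False, "Admins users cannot update their own role"
    if new_role >= actor.role:
        # Covers "same role or higher"; also makes Super Admin unassignable here.
        return False, "cannot assign a role equal to or higher than your own"
    if new_role in REGISTERED_ONLY and not target.registered:
        return False, "role cannot be given to an unregistered user"
    return True, "ok"
```

Because the comparison is `>=`, the per-role assignment rules (Owner only by Super Admin, Admin only by Owner or higher, Super Admin never from the Back Office) fall out of the same check.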

Roles definition

The following sections describe each role, its access and its limitations.

Super Admin

Access

Has access to all existing pages in the Front Office and the Back Office.

Target

This role is strictly reserved for BeMyApp IT staff.

Visibility

Invisible: users with this role are not visible in user listings, exports, etc.

Assignment

This role cannot be assigned from the platform's Back Office.

Owner

Access

Has access to all pages in the Front Office, and to everything that is not highly critical in the Back Office.

Target

This role is strictly reserved for BeMyApp Production staff.

Visibility

Visible: users with this role are visible in user listings, exports, etc.

Assignment

This role can only be assigned by Super Admin users.

Admin

Access

Has access to all pages in the Front Office, and to everything that is not critical in the Back Office.

Target

This role can be assigned to Client staff who need access to the platform's Back Office.

Visibility

Visible: users with this role are visible in user listings, exports, etc.

Assignment

This role can only be assigned by users with the Owner role or a higher role.

Moderator

Access

Has limited access to pages in the Front Office and no access to the Back Office.

Target

This role can be assigned to users who will do public chat moderation and global publication (e.g. news, sponsor pages, etc.).

Visibility

Visible: users with this role are visible in user listings, exports, etc.

Assignment

This role can only be assigned by Admins users.

Speaker

Access

Has limited access to pages in the Front Office and no access to the Back Office.

Target

This role can be assigned to users who need to be able to make Talks and Meetings, publish news, etc.

Visibility

Visible: users with this role are visible in user listings, exports, etc.

Assignment

This role can only be assigned by Admins users.

Attendee

Access

Has limited access to pages in the Front Office and no access to the Back Office.

Target

This role can be assigned to users who need to be able to make Talks and Meetings, publish news, etc.

Visibility

Visible: users with this role are visible in user listings, exports, etc.

Assignment

This role can only be assigned by Admins users.