Roles and permissions
Voxifly's role-based permission system allows you to control access and maintain security in your team. Learn about available roles and their permissions.
Role types
Owner
- Full control: All permissions and settings
- Billing access: Manage subscription and payments
- Member management: Invite, remove, change roles
- Account deletion: Can delete the entire account
Admin
- Project management: Create, edit, delete projects
- Settings access: Modify project configurations
- Member management: Invite and manage members
- No billing access: Cannot modify subscription
Member
- Project access: View and contribute to projects
- Issue management: Create, edit, vote on issues
- Limited settings: Basic project interactions
- No admin access: Cannot modify project settings
Permission matrix
Detailed permissions
| Action | Owner | Admin | Member |
|---|---|---|---|
| Manage billing | ✅ | ❌ | ❌ |
| Invite members | ✅ | ✅ | ❌ |
| Remove members | ✅ | ✅ | ❌ |
| Change roles | ✅ | ✅ | ❌ |
| Create projects | ✅ | ✅ | ❌ |
| Edit project settings | ✅ | ✅ | ❌ |
| Delete projects | ✅ | ✅ | ❌ |
| Create issues | ✅ | ✅ | ✅ |
| Edit issues | ✅ | ✅ | ✅ |
| Vote on issues | ✅ | ✅ | ✅ |
| Comment on issues | ✅ | ✅ | ✅ |
| Delete account | ✅ | ❌ | ❌ |
Feature-specific permissions
- Project creation: Owner and Admin only
- Project editing: Owner and Admin only
- Project deletion: Owner and Admin only
- Issue management: All roles can manage issues
- Billing management: Owner only
- Member management: Owner and Admin only
Role assignment
Assigning roles
- During invitation: Assign role when inviting
- After invitation: Change role after invitation
- Role promotion: Promote members to higher roles
- Role demotion: Demote members to lower roles
Role changes
- Immediate effect: Role changes take effect immediately
- Permission updates: Permissions update automatically
- Notification: Members notified of role changes
- Audit trail: Role changes are logged
Role hierarchy
- Owner: Highest level, full control
- Admin: Mid-level, project management
- Member: Basic level, project contribution
- Inheritance: Higher roles inherit lower permissions
Permission management
Permission categories
- Account permissions: Account-level access
- Project permissions: Project-level access
- Issue permissions: Issue-level access
- Billing permissions: Billing-level access
Permission inheritance
- Role hierarchy: Higher roles inherit lower permissions
- Team permissions: Team members inherit team permissions
- Project permissions: Project-specific overrides
- Global permissions: Account-wide settings
Permission auditing
- Permission logs: Track permission changes
- Access logs: Monitor user access
- Action logs: Record user actions
- Security alerts: Notify of suspicious activity
Security considerations
Access control
- Principle of least privilege: Grant minimum necessary access
- Role clarity: Define clear role responsibilities
- Permission consistency: Use consistent permission patterns
- Regular review: Audit permissions regularly
Data protection
- Sensitive information: Protect confidential data
- User privacy: Respect user privacy rights
- Data access: Control who can access data
- Data export: Manage data export permissions
Security best practices
- Default deny: Deny access by default
- Explicit grants: Explicitly grant permissions
- Regular audits: Review permissions regularly
- User education: Train users on security
Role management
Creating custom roles
- Role definition: Define custom role requirements
- Permission assignment: Assign specific permissions
- Role testing: Test role functionality
- Role deployment: Deploy custom roles
Role templates
- Standard roles: Use standard role templates
- Custom templates: Create custom role templates
- Template sharing: Share templates across projects
- Template updates: Update templates as needed
Role documentation
- Role descriptions: Document role responsibilities
- Permission lists: List role permissions
- Usage guidelines: Provide usage guidelines
- Best practices: Share best practices
Best practices
Role design
- Clear roles: Define clear role responsibilities
- Appropriate permissions: Grant appropriate permissions
- Role consistency: Maintain role consistency
- Role scalability: Design roles for scalability
Permission management
- Regular review: Review permissions regularly
- Permission audits: Audit permissions
- Security training: Provide security training
- Incident response: Plan incident response
User experience
- Clear permissions: Make permissions understandable
- Helpful errors: Provide clear error messages
- Permission requests: Allow users to request access
- Graceful degradation: Handle permission errors gracefully
Advanced features
Conditional permissions
- Time-based: Permissions that expire
- Location-based: Geographic restrictions
- Device-based: Device-specific permissions
- Context-based: Situation-dependent permissions
Permission delegation
- Temporary access: Grant temporary permissions
- Delegation chains: Allow permission delegation
- Approval workflows: Require approval for access
- Escalation procedures: Handle permission requests
Integration permissions
- API access: Control API permissions
- Webhook permissions: Manage webhook access
- Third-party integrations: Control external access
- Data sharing: Manage data sharing permissions
Troubleshooting
Common issues
- Permission denied: User lacks required permissions
- Access errors: Configuration problems
- Role conflicts: Conflicting role assignments
- Inheritance issues: Permission inheritance problems
Debugging permissions
- Permission checker: Test user permissions
- Access logs: Review access attempts
- Role verification: Confirm role assignments
- Configuration review: Check permission settings
Resolution steps
- Identify issue: Determine permission problem
- Check configuration: Verify permission settings
- Test permissions: Use permission checker
- Adjust settings: Modify permissions as needed
- Verify fix: Confirm issue resolution
Next steps
- [Account types] - Personal vs team accounts
- [Team management] - Invitations and members