Permissions

Control who can access your project and what they can do with Voxifly's flexible permission system. Learn how to configure permissions for different user types.

Permission levels

Anonymous users

• Issue viewing: Can view public issues
• Issue creation: Can create issues (if enabled)
• Voting: Can vote on issues (if enabled)
• Commenting: Can comment on issues (if enabled)

Registered users

• Full public access: All public board features
• Issue management: Create, edit, vote, comment
• Profile management: Manage their own profile
• Notification preferences: Control notification settings

Team members

• Admin access: Full project management
• Issue modification: Edit any issue details
• Status changes: Move issues through workflow
• User management: Invite and manage members

Project owners

• Full control: All permissions and settings
• Billing access: Manage subscription and payments
• Account management: Delete account and data
• Team management: Full team control

Permission configuration

Board-level permissions

• Public visibility: Control board visibility
• Anonymous access: Allow access without accounts
• Registration required: Force account creation
• Team-only access: Restrict to team members

Issue permissions

• Creation rights: Who can create issues
• Editing rights: Who can modify issues
• Deletion rights: Who can delete issues
• Status changes: Who can change statuses

Comment permissions

• Commenting rights: Who can comment
• Moderation rights: Who can moderate
• Editing rights: Who can edit comments
• Deletion rights: Who can delete comments

Voting permissions

• Voting rights: Who can vote
• Vote visibility: Who can see votes
• Vote limits: Restrict voting frequency
• Vote weighting: Different vote values

Access control

Authentication requirements

• No authentication: Fully public access
• Optional authentication: Encourage but don't require
• Required authentication: Force account creation
• Team authentication: Team members only

Role-based access

• Owner: Full project control
• Admin: Project management access
• Member: Basic project access
• Viewer: Read-only access

Feature-specific permissions

• Issue creation: Control who can create
• Commenting: Manage comment permissions
• Voting: Control voting access
• File uploads: Manage attachment permissions

Security considerations

Data protection

• Sensitive information: Protect confidential data
• User privacy: Respect user privacy rights
• Data access: Control who can access data
• Data export: Manage data export permissions

Content moderation

• Content filtering: Block inappropriate content
• Spam prevention: Prevent spam and abuse
• User reporting: Enable community reporting
• Moderation tools: Provide moderation capabilities

Account security

• Password policies: Enforce strong passwords
• Two-factor authentication: Require 2FA for admins
• Session management: Control session duration
• Login monitoring: Track login attempts

Permission management

Setting permissions

1. Go to Project Settings → Permissions
2. Select user type or role
3. Configure specific permissions
4. Save changes and test

Permission inheritance

• Role hierarchy: Higher roles inherit lower permissions
• Team permissions: Team members inherit team permissions
• Project permissions: Project-specific overrides
• Global permissions: Account-wide settings

Permission auditing

• Permission logs: Track permission changes
• Access logs: Monitor user access
• Action logs: Record user actions
• Security alerts: Notify of suspicious activity

Best practices

Permission design

• Principle of least privilege: Grant minimum necessary access
• Role clarity: Define clear role responsibilities
• Permission consistency: Use consistent permission patterns
• Regular review: Audit permissions regularly

Security implementation

• Default deny: Deny access by default
• Explicit grants: Explicitly grant permissions
• Regular audits: Review permissions regularly
• User education: Train users on security

User experience

• Clear permissions: Make permissions understandable
• Helpful errors: Provide clear error messages
• Permission requests: Allow users to request access
• Graceful degradation: Handle permission errors gracefully

Advanced features

Conditional permissions

• Time-based: Permissions that expire
• Location-based: Geographic restrictions
• Device-based: Device-specific permissions
• Context-based: Situation-dependent permissions

Permission delegation

• Temporary access: Grant temporary permissions
• Delegation chains: Allow permission delegation
• Approval workflows: Require approval for access
• Escalation procedures: Handle permission requests

Integration permissions

• API access: Control API permissions
• Webhook permissions: Manage webhook access
• Third-party integrations: Control external access
• Data sharing: Manage data sharing permissions

Troubleshooting

Common issues

• Permission denied: User lacks required permissions
• Access errors: Configuration problems
• Role conflicts: Conflicting role assignments
• Inheritance issues: Permission inheritance problems

Debugging permissions

• Permission checker: Test user permissions
• Access logs: Review access attempts
• Role verification: Confirm role assignments
• Configuration review: Check permission settings

Resolution steps

1. Identify issue: Determine permission problem
2. Check configuration: Verify permission settings
3. Test permissions: Use permission checker
4. Adjust settings: Modify permissions as needed
5. Verify fix: Confirm issue resolution

Next steps

• [Create issues] - Issue creation guide
• [Organization] - Categories and statuses
• [Votes & comments] - Community engagement