Roles & Permissions

Roles are organized by power level:

Higher roles inherit all permissions from lower roles.

The highest role with full control:

Permissions:

• All TENANT_ADMIN permissions
• System-wide settings
• Tenant management
• Database operations
• Security configurations

Typical Users:

• Platform owners
• System administrators
• Technical leads

Full control within a tenant:

Permissions:

• All EMPLOYEE permissions
• User management (create, edit, disable)
• Role assignments
• Tenant settings
• Product creation/deletion
• Tier management

Typical Users:

• Company administrators
• Product owners
• Team leads

Staff members with moderation abilities:

Permissions:

• View all products (including INTERNAL)
• Moderate ideas and comments
• Change idea statuses
• View customer information
• Add internal comments
• Access admin dashboard

Typical Users:

• Product managers
• Support staff
• Developers

Regular customers:

Permissions:

• View PUBLIC products
• View RESTRICTED products (if granted)
• Submit ideas
• Vote on ideas
• Comment on ideas
• Manage own profile

Access Limitations:

• Cannot access admin dashboard
• Cannot see INTERNAL products
• Cannot moderate content

To change a user's role:

1. Go to Admin → Users
2. Find the user
3. Click Edit
4. Select new role from dropdown
5. Click Save

Notes:

• Only higher roles can assign lower roles
• TENANT_ADMIN cannot create SUPER_ADMIN
• Role changes take effect immediately

Accounts can be disabled:

Effect of Disabling:

• Cannot log in
• Cannot perform any actions
• Existing content remains
• Votes still count

Re-enabling:

1. Go to user settings
2. Toggle "Disabled" off
3. User can log in again