Team Management
Permissions
Understand and configure granular permissions that control access to specific features and data within your Devdraft application
Master the granular permission system that controls what users can access and do within your Devdraft application. Permissions provide fine-grained access control for maintaining security while enabling productivity.
What are Permissions?
Individual atomic capabilities that control access to specific features and data within Devdraft. Permissions are the building blocks used to create custom roles, allowing precise control over what team members can see and do.Quick Setup
Understand permissions in under 5 minutes:1
Access Permission Overview
Navigate to App Settings → Members → Create Role to see permissions
2
Explore Permission Categories
Review the organized permission groups
3
Understand Dependencies
Learn how permissions relate to each other
4
Apply to Roles
Use permissions to build effective role configurations
Permission Categories
Company and Configuration Management:
- View Business Information: Access company details and settings
- Edit Business Details: Modify company information and branding
- Manage Business Verification: Handle KYC and compliance processes
- Configure Business Settings: Update operational configurations
- Admin roles managing company information
- Finance teams handling verification
- Operations staff updating settings
Permission Dependencies
Understanding Dependencies
Understanding Dependencies
How Dependencies Work:Some permissions require others to function properly. When you assign a permission, its dependencies are automatically included to ensure functionality.Example Dependencies:
- Edit Customers → requires View Customers
- Process Refunds → requires View Transactions
- Assign Roles → requires View Team Members
- Delete Products → requires View Products and Edit Products
Dependencies ensure that roles remain functional and users have the access they need to complete tasks.
Dependency Chains
Dependency Chains
Complex Permission Relationships:Benefits:
- Prevents broken permission sets
- Maintains logical access patterns
- Simplifies role configuration
- Ensures feature functionality
Dependency Management
Dependency Management
Automatic Handling:The system automatically manages dependencies by:
- Adding required permissions when you select dependent ones
- Removing dependent permissions when you remove required ones
- Validating permission sets for completeness
- Providing clear dependency information
Removing a base permission will also remove all permissions that depend on it. Review dependency impacts before making changes.
Permission Levels and Scope
View-Only Access:
- Safe for stakeholders and auditors
- No risk of data modification
- Good for reporting and analysis roles
- Compliance-friendly access level
- View Customers
- View Transactions
- View Products
- View Team Members
Permission Best Practices
1
Apply Principle of Least Privilege
Minimal Access Strategy:
- Grant only permissions needed for specific job functions
- Start with basic permissions and add as needed
- Regular review and adjustment of permission sets
- Document permission justifications
It’s easier to add permissions later than to remove excessive permissions that users have become accustomed to.
2
Group Related Permissions
Logical Permission Sets:
- Bundle related permissions in roles
- Consider workflow requirements
- Maintain functional coherence
- Plan for permission evolution
Grouping related permissions makes role management easier and reduces the chance of missing critical access rights.
3
Monitor Permission Usage
Track Permission Effectiveness:
- Monitor which permissions are actually used
- Identify unused or overused permissions
- Adjust roles based on usage patterns
- Optimize permission assignments
Unused permissions may indicate over-privileged roles or changed business processes that require role updates.
Common Permission Patterns
Read-Only Analyst
View permissions for customers, transactions, products, and reports without modification rights
Customer Service Rep
View and edit customers, view transactions, process refunds, but no system configuration
Product Manager
Full product management, view customers and transactions, no financial operations
Finance Specialist
Transaction management, refunds, financial reports, customer view access
Permission Validation Rules
System Validation
System Validation
Automatic Checks:The system validates permission assignments to ensure:
- All dependencies are satisfied
- No conflicting permissions exist
- Minimum functional requirements are met
- Role coherence is maintained
- Check for required dependencies
- Verify permission compatibility
- Ensure functional completeness
- Validate business logic rules
Business Logic Rules
Business Logic Rules
Organizational Requirements:
- Financial permissions require customer view access
- User management permissions need appropriate oversight
- Technical permissions may require additional security clearance
- Audit permissions typically require read-only restrictions
- Industry-specific requirements
- Compliance mandates
- Organizational policies
- Security frameworks
Error Prevention
Error Prevention
Common Issues Prevented:
- Incomplete permission sets that break functionality
- Conflicting permissions that create security issues
- Missing dependencies that prevent feature access
- Over-privileged roles that violate security principles
The system prevents invalid permission combinations and provides clear guidance for resolution.
Permission Categories Deep Dive
Money and Transaction Control:
Transaction Management
Transaction Management
- View Transactions: Basic transaction access
- Export Transaction Data: Download transaction reports
- Access Financial Reports: View financial analytics
- Process Refunds: Initiate refund operations
- Handle Disputes: Manage payment disputes
Financial Analysis
Financial Analysis
- Access Revenue Reports: View income analytics
- Export Financial Data: Download financial information
- View Settlement Data: Access payout information
- Access Tax Reports: View tax-related data
Advanced Permission Concepts
1
Permission Inheritance
Role-Based Inheritance:
- Permissions flow from roles to users
- Multiple role assignments combine permissions
- Inheritance follows additive principle
- No permission conflicts in inheritance
Users with multiple roles receive the union of all permissions from their assigned roles.
2
Contextual Permissions
Situation-Aware Access:
- Some permissions may have contextual limitations
- Business rules can modify permission effectiveness
- Time-based or condition-based restrictions possible
- Dynamic permission evaluation for complex scenarios
3
Permission Auditing
Access Tracking:
- All permission usage is logged
- Permission changes are tracked
- Usage patterns are monitored
- Compliance reporting is generated
Permission auditing helps maintain security and provides evidence for compliance requirements.
Troubleshooting Permissions
User Cannot Access Feature
User Cannot Access Feature
Common Causes:
- Missing required permission
- Missing permission dependencies
- Role not properly assigned
- Permission conflicts
- Check user’s role assignments
- Verify role has required permissions
- Check for missing dependencies
- Test permission effectiveness
- Clear user session and retry
Permission Not Working
Permission Not Working
Possible Issues:
- Browser caching issues
- Session refresh needed
- Permission not properly saved
- System synchronization delays
- Clear browser cache
- Log out and log back in
- Verify permission assignment
- Wait for system synchronization
- Contact support if issues persist
Conflicting Permissions
Conflicting Permissions
Resolution Approach:
- Review all assigned roles
- Check for overlapping permissions
- Verify business logic rules
- Simplify role assignments if needed
- Test individual permissions
Understanding permissions is crucial for effective team management and security. Use permissions strategically to balance access needs with security requirements.