Master the granular permission system that controls what users can access and do within your Devdraft application. Permissions provide fine-grained access control for maintaining security while enabling productivity.

What are Permissions?

Individual atomic capabilities that control access to specific features and data within Devdraft. Permissions are the building blocks used to create custom roles, allowing precise control over what team members can see and do.

Quick Setup

Understand permissions in under 5 minutes:
1

Access Permission Overview

Navigate to App SettingsMembersCreate Role to see permissions
2

Explore Permission Categories

Review the organized permission groups
3

Understand Dependencies

Learn how permissions relate to each other
4

Apply to Roles

Use permissions to build effective role configurations

Permission Categories

Company and Configuration Management:
  • View Business Information: Access company details and settings
  • Edit Business Details: Modify company information and branding
  • Manage Business Verification: Handle KYC and compliance processes
  • Configure Business Settings: Update operational configurations
Use Cases:
  • Admin roles managing company information
  • Finance teams handling verification
  • Operations staff updating settings

Permission Dependencies

How Dependencies Work:Some permissions require others to function properly. When you assign a permission, its dependencies are automatically included to ensure functionality.Example Dependencies:
  • Edit Customers → requires View Customers
  • Process Refunds → requires View Transactions
  • Assign Roles → requires View Team Members
  • Delete Products → requires View Products and Edit Products
Dependencies ensure that roles remain functional and users have the access they need to complete tasks.
Complex Permission Relationships:
Manage API Keys
├── View API Keys (direct dependency)
└── Access Technical Settings (indirect dependency)

Process Refunds
├── View Transactions (direct dependency)
├── View Customers (indirect dependency)
└── Access Financial Operations (system dependency)
Benefits:
  • Prevents broken permission sets
  • Maintains logical access patterns
  • Simplifies role configuration
  • Ensures feature functionality
Automatic Handling:The system automatically manages dependencies by:
  • Adding required permissions when you select dependent ones
  • Removing dependent permissions when you remove required ones
  • Validating permission sets for completeness
  • Providing clear dependency information
Removing a base permission will also remove all permissions that depend on it. Review dependency impacts before making changes.

Permission Levels and Scope

View-Only Access:
  • Safe for stakeholders and auditors
  • No risk of data modification
  • Good for reporting and analysis roles
  • Compliance-friendly access level
Examples:
  • View Customers
  • View Transactions
  • View Products
  • View Team Members

Permission Best Practices

1

Apply Principle of Least Privilege

Minimal Access Strategy:
  • Grant only permissions needed for specific job functions
  • Start with basic permissions and add as needed
  • Regular review and adjustment of permission sets
  • Document permission justifications
It’s easier to add permissions later than to remove excessive permissions that users have become accustomed to.
2

Group Related Permissions

Logical Permission Sets:
  • Bundle related permissions in roles
  • Consider workflow requirements
  • Maintain functional coherence
  • Plan for permission evolution
Grouping related permissions makes role management easier and reduces the chance of missing critical access rights.
3

Monitor Permission Usage

Track Permission Effectiveness:
  • Monitor which permissions are actually used
  • Identify unused or overused permissions
  • Adjust roles based on usage patterns
  • Optimize permission assignments
Unused permissions may indicate over-privileged roles or changed business processes that require role updates.

Common Permission Patterns

Read-Only Analyst

View permissions for customers, transactions, products, and reports without modification rights

Customer Service Rep

View and edit customers, view transactions, process refunds, but no system configuration

Product Manager

Full product management, view customers and transactions, no financial operations

Finance Specialist

Transaction management, refunds, financial reports, customer view access

Permission Validation Rules

Automatic Checks:The system validates permission assignments to ensure:
  • All dependencies are satisfied
  • No conflicting permissions exist
  • Minimum functional requirements are met
  • Role coherence is maintained
Validation Process:
  1. Check for required dependencies
  2. Verify permission compatibility
  3. Ensure functional completeness
  4. Validate business logic rules
Organizational Requirements:
  • Financial permissions require customer view access
  • User management permissions need appropriate oversight
  • Technical permissions may require additional security clearance
  • Audit permissions typically require read-only restrictions
Custom Validation:
  • Industry-specific requirements
  • Compliance mandates
  • Organizational policies
  • Security frameworks
Common Issues Prevented:
  • Incomplete permission sets that break functionality
  • Conflicting permissions that create security issues
  • Missing dependencies that prevent feature access
  • Over-privileged roles that violate security principles
The system prevents invalid permission combinations and provides clear guidance for resolution.

Permission Categories Deep Dive

Money and Transaction Control:
  • View Transactions: Basic transaction access
  • Export Transaction Data: Download transaction reports
  • Access Financial Reports: View financial analytics
  • Process Refunds: Initiate refund operations
  • Handle Disputes: Manage payment disputes
  • Access Revenue Reports: View income analytics
  • Export Financial Data: Download financial information
  • View Settlement Data: Access payout information
  • Access Tax Reports: View tax-related data

Advanced Permission Concepts

1

Permission Inheritance

Role-Based Inheritance:
  • Permissions flow from roles to users
  • Multiple role assignments combine permissions
  • Inheritance follows additive principle
  • No permission conflicts in inheritance
Users with multiple roles receive the union of all permissions from their assigned roles.
2

Contextual Permissions

Situation-Aware Access:
  • Some permissions may have contextual limitations
  • Business rules can modify permission effectiveness
  • Time-based or condition-based restrictions possible
  • Dynamic permission evaluation for complex scenarios
3

Permission Auditing

Access Tracking:
  • All permission usage is logged
  • Permission changes are tracked
  • Usage patterns are monitored
  • Compliance reporting is generated
Permission auditing helps maintain security and provides evidence for compliance requirements.

Troubleshooting Permissions

Common Causes:
  • Missing required permission
  • Missing permission dependencies
  • Role not properly assigned
  • Permission conflicts
Resolution Steps:
  1. Check user’s role assignments
  2. Verify role has required permissions
  3. Check for missing dependencies
  4. Test permission effectiveness
  5. Clear user session and retry
Possible Issues:
  • Browser caching issues
  • Session refresh needed
  • Permission not properly saved
  • System synchronization delays
Solutions:
  • Clear browser cache
  • Log out and log back in
  • Verify permission assignment
  • Wait for system synchronization
  • Contact support if issues persist
Resolution Approach:
  • Review all assigned roles
  • Check for overlapping permissions
  • Verify business logic rules
  • Simplify role assignments if needed
  • Test individual permissions
Understanding permissions is crucial for effective team management and security. Use permissions strategically to balance access needs with security requirements.