User Management & Permissions

Roles

Codecks differentiates between org-wide roles and project-specific roles.

Here’s a high-level overview of org-wide roles:

  • Owner

    Assigned to the creator of an organization. There may only be one owner.

  • Admin

    Have access to all projects and can manage billing and integrations.

  • Staff

    May access assigned projects only. Can be assigned the project-specific Producer role.

  • Observer

    May access assigned projects only. They can’t change any data but may add comments to cards.

Users with the Staff role may be given the project-specific Producer role. A producer can manage Decks, Runs, Milestones and integrations for the project. The producer role is available to organizations with the Pro plan.

Project Visibility

Admins and Owners have access to all projects. Projects have a visibility setting which determines if all Staff members can access a project or whether they need to be explicitely added. Observers always have to be explicitely added, no matter the project visibility setting.

Limited Project Visibilty is available in the Pro plan.

Project creation with project visibility option

Permissions

Limited vs Full Staff Permissions

Admins and Owners can set Staff Permissions with the User Management screen. Full Staff Permissions allows all Staff members to

  • Create and manage Decks
  • Create and manage project-specific Runs and Milestones
  • Manage global Runs and Milestones
  • Manage Journeys
  • Manage Project Tags

in the projects they have access to.

Permission Matrix

The list below shows the minimum role that has permission to perform or access the corresponding actions.

Here’s the full hierarchy to know what a minum role implies: Owner > Admin > Producer > Staff > Observer

This means that if a Producer is allowed to perform a certain action, then the Owner and Admins are also allowed to do it.

Entries marked with Staff* imply that Staff Permissions are set to Full. Otherwise these actions are only available to Producers.

Organization-based Permissions

ActionMinimum Role
Can view user overviewObserver
Can manage integrations 1Producer
Can manage billingAdmin
Can invite usersAdmin
Can assign org-wide roles (except Owner)Admin
Can manage organization settingsAdmin
Can delete attachment filesAdmin
Can disable organizationOwner
Can assign different OwnerOwner

1 Producers will be able to access all integrations. But project or deck names they don’t have access to won’t be shown. They may only pick target decks from projects they are producer of.

Project-based Permissions

ActionMinimum Role
Can modify and archive projectProducer
Can manage user project access for Staff and ObserversProducer
Can assign project-specific user roleProducer
Can make project publicProducer
Can create and manage project tagsProducer / Staff*
Can create projectAdmin
Can delete projectAdmin
Can change default access for Staff and ObserversAdmin

Run-based Permissions

ActionMinimum Role
Can pin RunObserver
Can assign cards to RunsStaff
Can create and manage project-specific RunsProducer / Staff*
Can manage global RunsProducer / Staff*
Can create global RunsAdmin

Milestone-based Permissions

ActionMinimum Role
Can pin milestoneObserver
Can assign cards to milestonesStaff
Can create and manage project-specific milestonesProducer / Staff*
Can manage global milestonesProducer / Staff*
Can create global milestonesAdmin

Deck-based Permissions

ActionMinimum Role
Can assign cards to decksStaff
Can create and manage decksProducer / Staff*
Can create and manage journeysProducer / Staff*
Can set preferred card sort order in deckProducer
Can modify public deck’s deck orderProducer

Card-based Permissions

ActionMinimum Role
Can bookmark cardObserver
Can create & modify cardStaff
Can create card presetStaff
Can manage card presetAdmin

Invite Users

If you open the Mission Control via the Joystick icon at the top left, you’ll find the User Management section. This contains an overview of the current users as well as two options for inviting new members to your organization if you are an admin or owner.

Invite via E-Mail

This option allows to invite users on a one-by-one basis by entering their email. This will sent a message to the entered email containing a link that allows to join your invitations. This option allows to define the user’s role as well as which project access this user should get.

If you want to invite multiple team members in one go, you can generate an invite link. This will allow anyone who has access to it to join your organization. The person creating the link will receive a confirmation email for each person joining. The invited people will join as staff members with the default project accessiblity rights. You can disable this link anytime by pressing the “Disable Link” button.