User Management & Permissions

Roles

Codecks differentiates between org-wide roles and project-specific roles.

Here’s a high-level overview of org-wide roles:

  • Owner

    Assigned to the creator of an organization. There may only be one owner.

  • Admin

    Have access to all projects and can manage billing and integrations.

  • Staff

    May access assigned projects only. Can be assigned the project-specific Producer role.

  • Observer

    May access assigned projects only. They can’t change any data but may add comments to cards.

Users with the Staff role may be given the project-specific Producer role. A producer can manage decks, milestones and integrations for the project. The producer role is available to organizations with the Pro plan.

Project Visibility

Admins and Owners have access to all projects. Projects have a visibility setting which determines if all Staff members can access a project or whether they need to be explicitely added. Observers always have to be explicitely added, no matter the project visibility setting.

Limited Project Visibilty is available in the Pro plan.

Project creation with project visibility option

Permissions

Limited vs Full Staff Permissions

Admins and Owners can set Staff Permissions with the User Management screen. Full Staff Permissions allows all Staff members to

  • create and manage decks
  • create and manage project-specific milestones
  • manage global milestones
  • manage journeys
  • manage project tags

in the projects they have access to.

Permission Matrix

The list below shows the minimum role that has permission to perform or access the corresponding actions.

Here’s the full hierarchy to know what a minum role implies:
Owner > Admin > Producer > Staff > Observer

This means that if a Producer is allowed to perform a certain action, then the Owner and Admins are also allowed to do it.

Entries marked with Staff* imply that Staff Permissions are set to Full. Otherwise these actions are only available to Producers.

Organization-based Permissions

ActionMinimum Role
Can view user overviewObserver
Can manage integrations 1Producer
Can manage billingAdmin
Can invite usersAdmin
Can assign org-wide roles (except Owner)Admin
Can manage organization settingsAdmin
Can delete attachment filesAdmin
Can disable organizationOwner
Can assign different OwnerOwner

1 Producers will be able to access all integrations. But project or deck names they don’t have access to won’t be shown. They may only pick target decks from projects they are producer of.

Project-based Permissions

ActionMinimum Role
Can modify and archive projectProducer
Can manage user project access for Staff and ObserversProducer
Can assign project-specific user roleProducer
Can make project publicProducer
Can create and manage project tagsProducer / Staff*
Can create projectAdmin
Can delete projectAdmin
Can change default access for Staff and ObserversAdmin

Milestone-based Permissions

ActionMinimum Role
Can pin milestoneObserver
Can assign cards to milestonesStaff
Can create and manage project-specific milestonesProducer / Staff*
Can manage global milestonesProducer / Staff*
Can create global milestonesAdmin

Deck-based Permissions

ActionMinimum Role
Can assign cards to decksStaff
Can create and manage decksProducer / Staff*
Can create and manage journeysProducer / Staff*
Can set preferred card sort order in deckProducer
Can modify public deck’s deck orderProducer

Card-based Permissions

ActionMinimum Role
Can bookmark cardObserver
Can create & modify cardStaff
Can create card presetStaff
Can manage card presetAdmin