Setting Roles and Permissions

Roles and permissions allow you to control what each user within Internal is allowed to view or edit. To access these settings go to Company Settings -> Roles & Permissions (only Admin users can access Company Settings).

You'll see the existing roles in Internal and an "Add Role" button to allow you to create new roles. Admin and Read Only roles are created by default. Admin users have access to everything, including Company Settings. Read Only users are given default view access to everything, but are not allowed to write or use functions to edit any data.

You can click on an existing role to view the permission set for that role, and make edits. Note that the Admin role cannot be edited.

Adding a role

Click on the button to Add Role. Enter in a Role Name.

Next, you'll define the permissions that this role has - data permissions and function permissions.

Within data permissions, you'll see all the resources you have in a list. You can use the Read and Write checkboxes to assign read and write privileges to this role. Click the "+" to expand each resource - this will allow you to set more granular permissions on the field-level. Read will give the role the ability to see this particular resource or field - without read privileges, this resource (or field) will not appear or be able to be accessed by this role. Write gives the role the ability to edit (write directly) to that particular resource or data field (within the admin console).

Under function permissions, you can define whether this role can use specific functions (including any custom functions you have created). This controls how that role will be able to use certain Space components that are tied to those functions. Without access, a role cannot utilize those functions within a Space.

For functions that insert and delete records, you can use the "Has Access" checkbox to set role permissions. For functions that update a record, you can also choose to expand to see individual field-level permissions for this function. This will control whether that role can update that specific field using that function.