Setting permissions for individual users

Last updated on November 18th, 2020

Role-Base Access Control

Depending on how many people in your business will be managing the data in our platform, it is highly recommended as a security best practice to maintain separate accounts for different user level activities. 

Each user is assigned a standard user profile. With the role-based access control (RBAC), it is possible to have different members of a team or department assigned only the functionality they need to do their job. The rights given to a user will allow them to see more or less features and data in the user interface, depending on their access.

  • If you want to learn how to create a new user, check this article‍ .

Access control dimensions

There are currently two dimensions of access controls: user roles and user features.

  • User Roles

We currently offer four user profiles:

  1. Admin: Admins have all rights and can manage all present and future accounts including all locations.
  2. Multi-account manager: Multi-Account Managers can manage all accounts assigned to them including all locations. They can add new accounts.
  3. Account manager: Account Managers can manage all accounts assigned to them. They cannot create new accounts.
  4. Location manager: Location Managers can manage all locations assigned to them. They cannot add new locations.
  • User Features

There are currently 6 main features corresponding to different products and actions:

1. Location profile and DirectoriesRelates to viewing or managing the location profile and listings, including syncing on directories and accessing the profile suggestions. Users can have read-only rights (for all profile fields) and/or edit rights (per field). This is segmented in:

  • Edit, Sync: users to manage location profiles and listings, including syncing on directories and accessing the profile suggestions. Here it is possible to select which fields a user is able to edit, when they have the main write rights. 
  • Deletion of duplicates: Allows users to access data about suppressed duplicates on directories (widget on dashboards).
  • Location status change: Allows users to change the contract status of locations (cancel, close, deactivate or reactivate locations).

2. Customer Feedback: Allows users to manage customer feedback and access review-related data (widgets and activity feed on global and location dashboards, columns in locations list). For a read-only access enable the Customer Feedback section but disable "Respond to review".

3. Posting: Allows users to manage location posts on directories.

4. User rights: Allows users to access the User Rights section to edit features and user information (only applies to Account Manager and above, Location Managers have no access to User Rights even when ticked).

5. Insights: Allows users to access tracking data about locations on directories. In the app, this actually corresponds to Google and Facebook insights on the dashboards.

6. Upgrade and downgrade of plan: Allows users to perform the action of changing the product plan of a given account/location.

7. Edit of user personal information: Allows users to edit their own personal information (first name, last name, email, password).

8. Price and Billing information: Allos the user to view price details of product plans and invoices.  

Rules applied when creating new users:

  • When creating a new user, all available features are checked by default; for Location Managers only, all features, except "Location status change" and "Upgrade" are checked by default;
  • Users can only manage the features they have themselves (e.g. if I do not have "Customer Feedback" in my user features, I cannot see, add or remove it from other users either).
  • Disabling Edit, Sync will prevent users from editing location data but they can still connect Google and Facebook

Was this article helpful?

Save as PDF