Overview
This article serves as a comprehensive guide for managing user roles and permissions within an AdvocateHub. It distinguishes between the capabilities of an Administrator and an Author, explains the process of creating custom user roles, assigning them to users, and details the necessary precautions and steps to delete a user role. The article emphasizes the importance of role management in maintaining system security and ensuring that users have appropriate access levels for their responsibilities.
Information
As your Advocate Marketing program grows, you may need to seek help from members of your organization to manage some day to day tasks. With Role Management, you have the ability to give users certain permissions, while restricting their access to other areas of your AdvocateHub.
The two default system roles are the Administrator and the Author. Authors have most of the abilities of a regular administrator, but lack the ability to publish or approve challenges and rewards - you can learn more about them here.
Permissions of Admin vs Author
Admins can do every action in the hub, however, Authors have a smaller set of permissions. Authors can complete the following
Can:
- Create Challenges
- Create Rewards
- Create Groups
- Delete Groups
- Edit Groups
- Add Nominee
- Invite Nominees
Can’t:
- Publish Challenges
- Publish Rewards
- Modify Reward Visibility
- Approve / Reject Challenges
- Fulfill Rewards
- Access Settings section
- Publish Experiences
- API Access (Any option)
- View Reports
Essentially the author can create in the hub but can’t publish anything to the advocates, so an admin can confirm everything that goes to the advocates. If you want a user with slightly more or less permissions, like an editor or just a group admin you can create custom users with different permission sets.
Creating a User Role
Begin by navigating to Settings > System > Role Management . You will encounter the settings page below.
1. Click on the Add Role button to create a new user role to configure your new role with the desired permissions.
2. First, enter a descriptive name and clear description of the role you are creating.
3. Next, choose the permissions you'd like to grant to this user.
There are three types of permissions you can enable/disable:
1. Allow Lens viewing ability.
If enabled, this user will be able to use the Lens view . Disable the toggle if you do not want this role to have access to the Lens Tool.
2. Allow Member Interaction.
This permission allows administrators to interact with members via messaging, discussions, content sections, and public challenge responses. When disabled, the administrators will not be able to participate in Discussions or message Hub members.
Member Interaction when enabled, the administrator will be able to click on Hub member's name and message them.
Member Interaction disabled, the administrator will only be able to view the Hub member's profile.
3. Allow API Access.
If enabled, there are specific options to choose on which API functions to allow access for this role.
4. Allow Administrative View Access.
Disabling this permission would allow creating roles that cannot have access to your Hub administrators settings but will still be able to browse or demo the Hub. You can disable this toggle if you would like to create a role for your executive shareholders and other departments to use.
If enabled, there are more specific administrative functions and permissions for you to choose:
Note: Enabling Manage Users will give Admins access to the settings "Admin User Management" and "Reset Password Link" found in Settings > System . Enabling Manage Roles will give Admins access to the setting "Role Management" found in the same location.
4. Click Create Role .
Note : The base-level permissions of a custom made role are the same as the 'Author' role. This is called the General User Permission which includes abilities to browse all Challenges, Rewards, Content Pages, and Referral Campaigns, participate and moderate discussion forums, send and receive messages from members and update their public profile.
Assigning Roles
Once you create the user role it will be available when you add a user in the User Management settings page ( Settings > System > User Management ). The various user roles created here will be under the User Type dropdown menu.
Deleting Roles
From your Settings > Systems > Role Management, you can delete any user role by hovering over the right side of the list and clicking the 'x' which appears.
Note : You cannot delete roles that currently have users associated with them. You will need to re-assign the user's role before deleting them.
FAQ
What are the main differences between an Administrator and an Author in an AdvocateHub?
An Administrator has full control within the hub, capable of performing all actions, while an Author has a more limited set of permissions, primarily focused on content creation and editing but cannot publish or approve challenges and rewards.
How do I create a new user role in the AdvocateHub?
To create a new user role, navigate to Settings > System > Role Management and click on 'Create Role'. You can then define the specific permissions and access levels for the new role.
Can I delete a user role that has users associated with it?
No, roles with associated users cannot be deleted directly. You must first reassign the users to a different role before you can delete the original role.
What should I do if I want to limit a user's access to sensitive administrative areas within the hub?
You can create a role without access to Hub administrators settings by disabling the 'Allow Administrative View Access' permission. This is suitable for roles intended for executive shareholders and other departments who need to browse or demo the Hub without viewing sensitive areas.
Is it possible to customize API access for different user roles?
Yes, enabling the 'Allow API Access' permission allows you to customize the options for API access based on the role, ensuring that users have the necessary API functions according to their responsibilities.