Role System

Platform roles are meant to control users access across the platform, which feature they can access, which rights they have.

Schema showing roles basic access information ordered by access level, from highest (Super Admin, Owner and Admin) that have access to platform's Back Office, to lowest (Moderator, Speaker, Attendee) that only have access to platform's Front Office.

Glossary

  • Admins user or Admins roles refers to all roles having access to the Back Office: Super Admin, Owner and Admin.

Fundamental principles

The role system is build to respect the following principles:

  • Only Admins users can update other users roles.
  • Admins and Moderator roles can not be given to unregistered user.
  • Admins users can not update their own role.
  • Admins users can not update a role to the one they have or an higher role, preventing privilege escalation.

This last principle mean that a user having the role Admin will not be able to update another user to the role Admin or higher role Owner.

Roles definition

The following content provide the description of each role, their access and limitation.

Super Admin

Access Has access to all existing pages in the Front Office and the Back Office.
Target This role is strictly reserved to BeMyApp IT staff only.
Visibility Invisible Users with this role are not visible in users listing, export, etc.
Assignment This role can not be assigned from platform’s Back Office.

Owner

Access Has access to all pages in the Front Office, and everything non highly critical in the Back Office.
Target This role is strictly reserved to BeMyApp Production staff only.
Visibility Visible Users with this role are visible in users listing, export, etc.
Assignment This role can only be assigned by Super Admin users.

Admin

Access Has access to all pages in the Front Office, and everything non critical in the Back Office.
Target This role can be assigned to Client staff that need access to platform’s Back Office.
Visibility Visible Users with this role are visible in users listing, export, etc.
Assignment This role can only be assigned by Owner users or higher role.

Moderator

Access Has limited access to pages in the Front Office, has no access to the Back Office.
Target This role can be assigned to users that will do public chat moderation and global publication (i.e. news, sponsor pages, etc.).
Visibility Visible Users with this role are visible in users listing, export, etc.
Assignment This role can only be assigned by Admins users.

Speaker

Access Has limited access to pages in the Front Office, has no access to the Back Office.
Target Unchanged This role can be assigned to users that need to be able to make Talks, Meetings, publish news, etc.
Visibility Visible Users with this role are visible in users listing, export, etc.
Assignment This role can only be assigned by Admins users.

Attendee

Access Has limited access to pages in the Front Office, has no access to the Back Office.
Target Unchanged This role can be assigned to users that need to be able to make Talks, Meetings, publish news, etc.
Visibility Visible Users with this role are visible in users listing, export, etc.
Assignment This role can only be assigned by Admins users.