What are organisation roles?
Now that you have your organisation created, it’s time to define roles for your members. Roles in FoxStock define two set of permissions that determine what actions a member can perform on and within the organisation. By creating roles, you can easily manage and control access to various features and functionalities based on the responsibilities of each member.
Permissions
Foxstock revolves around permissions. A permission determines actions that a user can do on a resource. In the case of organisations, you have Organisation Permissions and Asset Permissions. You can learn more about permissions in the Permissions section.
Permissions are hierarchical. This means that if a user has a higher-level permission, they automatically have the lower ones. For example, if they have MANAGE permission, they automatically have WRITE and READ permissions as well. Similarly, if they have WRITE permission, they also have READ permission.
Organisation Permissions
Organisation permissions govern actions that a user can perform at the organisation level. These include:
MANAGEwhich allows a user to manage the organisation settings, members, and roles.WRITEwhich allows a user to add or remove asset (stockpile and network) assignments on the organisation.READwhich allows a user to view the organisation details and its assets.
In general, you should give READ permission to all members, recruits or guests; WRITE permission to verified members who need to share their own assets to others; and MANAGE permission only to trusted officers who will oversee the organisation.
Asset Permissions
Asset permissions govern actions that a user can perform on the assets (stockpiles and networks) owned by the organisation. These include:
MANAGEwhich allows a user to manage the asset settings but also delete it.WRITEwhich allows a user to update the asset settings, contents, and targets.SUBMIT_ITEMSwhich allows a user to submit item updates to the asset.READwhich allows a user to view the asset details and contents.
In general, you should give READ permission to all members, recruits or guests; SUBMIT_ITEMS permission to verified members who will help update stockpile contents; WRITE permission to officers who will manage stockpile settings; and MANAGE permission only to trusted officers who will oversee the organisation.
Roles
Organisation roles are collections of permissions that can be assigned to users or groups of users. A user that receives a role automatically becomes a member of the organisation and inherits all the permissions defined in that role.
You can create multiple roles with different permission sets to cater to various responsibilities within your organisation. For example, you might have a “Logistics Officer” role with MANAGE permissions and a “Driver” role with SUBMIT_ITEMS permissions.
Members always inherit the widest set of permissions from all their assigned roles. For example, if a user has two roles, one with READ permission and another with WRITE permission, they will have both READ and WRITE permissions.
We will learn more about linking users and user groups to roles in the Assign roles to user groups section.
How to create roles?
Simply go to your organisation page, then to the Roles & Permissions tab, click on Add Role, fill in the required details, and click “Create Role”.
In general, we recommend creating at least the following roles:
- Officer: Has
MANAGEorganisation permission andMANAGEasset permission. - Member: Has
WRITEorganisation permission andWRITEasset permission. - Recruit: Has
READorganisation permission andSUBMIT_ITEMSasset permission. - Guest: Has
READorganisation permission andREADasset permission.
This should be sufficient for most organisations, but feel free to customize the roles and permissions based on your organisation’s needs. That’s it! You have your organisation roles created! Now, you just need to link users or user groups to the roles you created.