control user access within your Tourism Accelerator account. Administrators define roles and assign permissions, ensuring users access only necessary features and data, which enhances security and streamlines operations by limiting access to sensitive information.
Accessing this feature
To manage roles and permissions:
Navigate to Settings in the main navigation menu. Select User Management . Click on Roles & Permissions to access the management interface.
How to use it
Effectively using Role-Based Permissions involves defining roles, assigning specific access levels, and then allocating these roles to your team members. Follow these steps to configure and manage your permissions:
Review Existing Roles: Upon accessing the Roles & Permissions section, review the list of default and custom roles already configured for your organisation. Understand their current permission sets to identify any gaps or redundancies.
Create a New Role (Optional): Click the Create New Role button.
Provide a clear, descriptive name for the role (e.g., "Content Editor", "Marketing Manager", "Property Administrator").
Add a brief description outlining the role's purpose and primary responsibilities.
Define Role Permissions: Select an existing role or the newly created role to begin configuring its permissions. The system presents a comprehensive list of modules and functionalities (e.g., "Properties", "Bookings", "Reports", "Users"). For each module or function, specify the level of access:
No Access: The user cannot view or interact with this feature.
View Only: The user can see information but cannot create, edit, or delete anything.
Edit: The user can view and modify existing data but may not be able to create new entries or delete.
Create: The user can view, edit, and create new entries.
Delete: The user has full control, including the ability to delete data or records.
Carefully select the appropriate access level for each item, aligning with the role's intended responsibilities.
Save Role Configuration: After defining all permissions for the role, click Save to apply the changes. The system will prompt for confirmation.
Assign Users to Roles: Navigate back to the "User Management" section.
Select the individual user you wish to assign a role to.
Locate the "Role" field within their user profile.
Choose the appropriate role from the dropdown list. A user can only be assigned one primary role.
Save the user's profile to apply the role assignment. The user's access will instantly update to reflect their new permissions.
Verify Permissions (Optional): As an administrator, you can temporarily assume a specific role's permissions or log in as a test user to confirm that the configured access levels function as intended. This step is crucial for validating security and functionality.
Tips
Role-Based Permissions empower your organisation with precise control over platform access:
Granular Access Control: Define specific read, write, create, and delete permissions for individual modules, features, and even data subsets, ensuring users interact only with authorised components.
Customizable Roles: Create an unlimited number of custom roles tailored to your unique organisational structure and operational requirements, beyond the default system roles.
Enhanced Security Posture: Minimise the risk of unauthorized data access or modification by strictly limiting user privileges to their job function, aligning with the principle of least privilege.
Simplified User Management: Simplify onboarding and offboarding processes. Assigning a pre-defined role instantly grants or revokes a comprehensive set of permissions, reducing manual configuration and potential errors.
Operational Efficiency: Users are presented with a simplified interface, seeing only the features relevant to them. This reduces clutter, improves navigation, and allows teams to focus on their core tasks without distraction.
Centralised Control: Manage all user roles and permissions from a single, intuitive interface, providing administrators with a clear overview and efficient control over the entire system.
To maximise the benefits of Role-Based Permissions and maintain a secure, efficient environment, consider these best practices:
Implement the Principle of Least Privilege (PoLP): Grant users the minimum level of access required to perform their job functions, and nothing more. This significantly reduces the potential impact of compromised accounts or human error.
Define Roles Clearly: Create roles with distinct, easily understandable names and descriptions that clearly articulate their purpose and associated responsibilities. Avoid ambiguous role titles.
Regularly Review Roles and Assignments: Conduct periodic audits of your defined roles and user assignments. As your organisation evolves, so too will job functions, requiring adjustments to permissions to maintain relevance and security.
Avoid Over-Permissioning: Resist the temptation to grant broader access than necessary "just in case." Over-permissioning introduces unnecessary security risks and complicates compliance efforts.
Test Role Configurations: Before deploying new roles or significant permission changes, test them thoroughly with a sample user or by temporarily assuming the role's permissions. This helps identify unintended access or restrictions.
Document Role Definitions: Maintain clear documentation for each role, outlining its purpose, the permissions it grants, and the types of users it should be assigned to. This aids consistency and future administration.
Synchronise with Organisational Changes: When team members change roles, leave the organisation, or new positions are created, promptly update their assigned roles and permissions within the Tourism Accelerator platform.
Need help?
For further assistance, contact us at [email protected]