Problem
Deletion authority is too broad: any collaborator can currently delete other collaborators, which should be restricted to the Account Owner only.
Role capability gaps:
Sales cannot create/edit plans or export data they need for quoting and reporting.
Customer Service cannot void or cancel invoices, slowing issue resolution.
Solution
| Role | Key Delete Rights | Other New Capabilities |
| --- | --- | --- |
| Account Owner | Can delete collaborators and any other object. | Unchanged: full control. |
| Admin | Can delete all objects except collaborators. | Existing admin powers retained. |
| Sales | No delete permissions. | Can create/edit plans and export customers, subscriptions, invoices, etc. |
| Customer Service | No delete permissions. | Can void and cancel invoices. |
| Other roles | No changes. | - |
Definition of Done (DoD)
Permission matrix encoded in code/schema; migrations applied.
Automated tests verify:
Only Account Owner can delete collaborators.
Admins can delete customers, subscriptions, invoices, etc., but not collaborators.
Sales can create/edit plans and export objects.
Customer Service can void/cancel invoices.
UI and API return clear “permission denied” errors for disallowed actions.
Documentation and release notes updated; feature‑flag rollout monitored for permission‑error spikes.
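One way to encode the matrix above so that the Admin wildcard delete can never reach collaborators. This is an added sketch, not Pelcro's code. The role, action and object identifiers are hypothetical, and only the grants stated in the table are encoded, so existing permissions the page does not list are denied here.

```python
from dataclasses import dataclass

WILDCARD = "*"

# Hypothetical identifiers; only grants stated in the table are encoded.
ALLOW = {
    "account_owner": {("delete", WILDCARD)},
    "admin": {("delete", WILDCARD)},
    "sales": {("create", "plan"), ("edit", "plan"), ("export", "customer"),
              ("export", "subscription"), ("export", "invoice")},
    "customer_service": {("void", "invoice"), ("cancel", "invoice")},
}
# Explicit denies are evaluated first, so a wildcard grant cannot override them.
DENY = {"admin": {("delete", "collaborator")}}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def authorize(role: str, action: str, obj: str) -> Decision:
    """Deny-overrides check: explicit deny, then allow, then default deny."""
    denied = Decision(False, f"permission denied: {role} may not {action} {obj}")
    if obj == WILDCARD:
        # The wildcard is matrix syntax only, never a valid request target.
        return denied
    if (action, obj) in DENY.get(role, set()):
        return denied
    grants = ALLOW.get(role, set())  # unknown roles get no grants
    if (action, obj) in grants or (action, WILDCARD) in grants:
        return Decision(True, "allowed")
    return denied


def roles_allowed(action: str, obj: str) -> set:
    """Roles that pass the check; lets tests assert invariants over the matrix."""
    return {role for role in ALLOW if authorize(role, action, obj).allowed}


if __name__ == "__main__":
    print(roles_allowed("delete", "collaborator"))
    print(authorize("admin", "delete", "collaborator").reason)
```

Asserting on `roles_allowed("delete", "collaborator")` rather than on individual roles means the test fails if any later grant widens collaborator deletion.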
Backlog
Pelcro Product
2 days ago

Rana Haleem