Role permission update

Problem

  1. Deletion authority is too broad: any collaborator can currently delete other collaborators, which should be restricted to the Account Owner only.

  2. Role capability gaps:

     - Sales cannot create/edit plans or export data they need for quoting and reporting.

     - Customer Service cannot void or cancel invoices, slowing issue resolution.

Solution

| Role | Key Delete Rights | Other New Capabilities |
|---|---|---|
| Account Owner | Can delete collaborators and any other object. | Unchanged—full control. |
| Admin | Can delete all objects except collaborators. | Existing admin powers retained. |
| Sales | No delete permissions. | Can create/edit plans and export customers, subscriptions, invoices, etc. |
| Customer Service | No delete permissions. | Can void and cancel invoices. |
| Other roles | No changes. | |

Definition of Done (DoD)

  1. Permission matrix encoded in code/schema; migrations applied.

  2. Automated tests verify:

     - Only Account Owner can delete collaborators.

     - Admins can delete customers, subscriptions, invoices, etc., but not collaborators.

     - Sales can create/edit plans and export objects.

     - Customer Service can void/cancel invoices.

  3. UI and API return clear “permission denied” errors for disallowed actions.

  4. Documentation and release notes updated; feature‑flag rollout monitored for permission‑error spikes.

Status: Backlog
Board: 💡 Pelcro Product
Date: 26 days ago
Author: Rana Haleem

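One way to encode the matrix in the post with deny-by-default semantics, with the delete-rights rules checked as invariants over the data. This is an added example, not Pelcro's code: the role, action and object identifiers are assumptions, and the "etc." object types and Admin's other retained powers are not modelled.

```python
"""Deny-by-default encoding of the role matrix described above.
Role, action and object identifiers are assumptions, not Pelcro's schema."""

ROLES = ("account_owner", "admin", "sales", "customer_service")
OBJECTS = ("customer", "subscription", "invoice", "plan")  # named on the page
FULL_CONTROL = {"account_owner"}  # "Unchanged: full control"

# Only grants the post names; Admin's other retained powers are not modelled.
GRANTS = {
    "admin": {("delete", o) for o in OBJECTS},  # collaborator deliberately absent
    "sales": {("create", "plan"), ("edit", "plan")}
    | {("export", o) for o in ("customer", "subscription", "invoice")},
    "customer_service": {("void", "invoice"), ("cancel", "invoice")},
}


class PermissionDenied(Exception):
    """Raised so the UI/API layer can return a clear error."""


def is_allowed(role, action, obj):
    if role in FULL_CONTROL:
        return True
    # Unknown roles, actions or objects have no entry and are denied.
    return (action, obj) in GRANTS.get(role, set())


def authorize(role, action, obj):
    if not is_allowed(role, action, obj):
        raise PermissionDenied(f"permission denied: {role} may not {action} {obj}")


def who_can(action, obj):
    """Audit helper: roles that hold a given permission."""
    return [r for r in ROLES if is_allowed(r, action, obj)]


def audit_matrix():
    """Returns violations of the delete-rights rules; empty list means OK."""
    problems = []
    if who_can("delete", "collaborator") != ["account_owner"]:
        problems.append("collaborator deletion not limited to account_owner")
    for role in ("sales", "customer_service"):
        if any(action == "delete" for action, _ in GRANTS.get(role, ())):
            problems.append(f"{role} holds a delete grant")
    return problems
```

Running `audit_matrix()` in CI catches a later edit to `GRANTS` that quietly widens delete rights.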