Manage roles and permission levels

Roles

Roles can be created (1) in the Roles tab of your project settings:‌

To manage a role's permissions, click on it (2):

Creating more than 1 role is only available with the Starter plan or higher.

If your project was created before February 2021, please visit this page to learn how to enable this feature.

The above screenshot shows your role's details page. This is where you'll be managing all permissions which should apply to all the users assigned to this role.‌

Permissions are displayed in 2 sections:‌

  • Smart action permissions

  • Collection permissions

Smart action permissions

This section lets you to easily manage your smart action permissioins (for this role only). Click Show more (1) to display all permissions, or Edit permissions (2) to directly edit its smart action permissions.‌

  • Trigger: Allow users assigned to this role to trigger this smart actions

Approval workflow permissions

If you are using our approval workflow feature, your approval permissions are also managed within roles.‌

The following options become available if you are on the Plus plan or above:‌

  • Trigger with approval: Unlike Trigger, the smart action will not be executed unless manually approved

  • Approve: Allow users assigned to this role to approve a trigger request

  • Approve (self): Allow users assigned to this role to approve their own trigger request

Collection permissions

Collection permissions allow you to enable/disable the following collection-specific permissions:‌

  • Read (list): access to the collection's table view data. Note that the collection must also be shown in the layout to be displayed.

  • Read (details): access to the details view data of any record of this collection.

  • Create: create a record of this collection (N.B: the "Duplicate" permissions is also managed by this permission)

  • Update: update a record of this collection

  • Delete: delete a record of this collection

  • Export: export the list of records of this collection

Control environment access per role

From a role's details page, you can also :‌

  • toggle which environments users assigned to this role have access to (1)

  • select which environment you wish to view permissions of or edit them (2)

Only remote environments are available here, since development environments have all permissions‌

Export role permissions

At anytime you may export your user role permissions to a CSV file by clicking on Export user permissions from the Users tab:‌

It contains User information (1), Smart action name (2) and Collection name (3). Granted permissions (4) are as follows:‌

  • empty: the user is not authorized to use that Smart action as part of that team

  • Trigger: the user can trigger that Smart action

  • If the approval workflow module is enabled:

    • Request: the user can ask for an approval to trigger that Smart action

    • Request/approve: the user can ask for an approval to trigger that Smart action and can approve requests of this Smart action except his own

    • Request/approve(self): the user can ask for an approval to trigger that Smart action and can approve requests of this Smart action including his own

Permission level

The permission level of a user determines what Forest Admin administration permissions he has. You can assign one of the following permission levels per user:‌

  • Admin - can access project settings (manage teams, user roles, and environments), customize the admin UI (activate layout editor) and manage data.

  • Developer - can access project settings (environment settings only).

  • Editor - can customize the admin UI (activate layout editor) and manage data.

  • User - can only manage data.

Manage a user's role and permission level

You can change a user's role or permission level from their details page:‌

  1. Go to the Users tab of your Project settings

  2. Click on a user in the list

  3. Change the role and/or permission level assigned to that user

  4. Don't forget to save