Manage roles and permission levels
In Forest Admin, we keep a clear separation between your operation permissions - managed within roles - and Forest Admin administration permissions, which we call permission level.
Roles can be created (1) in the Roles tab of your project settings:
To manage a role's permissions, click on it (2):
Creating more than 1 role is only available with the Starter plan or higher.
This feature is in beta access only. Visit this page to learn how to enable it.
The above screenshot shows your role's details page. This is where you'll be managing all permissions which should apply to all the users assigned to this role.
Permissions are displayed in 2 sections:
Smart action permissions
Collection permissions
This section lets you to easily manage your smart action permissioins (for this role only). Click Show more (1) to display all permissions, or Edit permissions (2) to directly edit its smart action permissions.
Trigger: Allow users assigned to this role to trigger this smart actions
If you are using our approval workflow feature, your approval permissions are also managed within roles.
The following options become available if you are on the Plus plan or above:
Trigger with approval: Unlike Trigger, the smart action will not be executed unless manually approved
Approve: Allow users assigned to this role to approve a trigger request
Approve (self): Allow users assigned to this role to approve their own trigger request
Collection permissions allow you to enable/disable the following collection-specific permissions:
Read (list): access to the collection's table view data. Note that the collection must also be shown in the layout to be displayed.
Read (details): access to the details view data of any record of this collection.
Create: create a record of this collection (N.B: the "Duplicate" permissions is also managed by this permission)
Update: update a record of this collection
Delete: delete a record of this collection
Export: export the list of records of this collection
From a role's details page, you can also :
toggle which environments users assigned to this role have access to (1)
select which environment you wish to view permissions of or edit them (2)
Only remote environments are available here, since development environments have all permissions
At anytime you may export your user role permissions to a CSV file by clicking on Export user permissions from the Users tab:
It contains User information (1), Smart action name (2) and Collection name (3). Granted permissions (4) are as follows:
empty: the user is not authorized to use that Smart action as part of that team
Trigger: the user can trigger that Smart action
If the approval workflow module is enabled:
Request: the user can ask for an approval to trigger that Smart action
Request/approve: the user can ask for an approval to trigger that Smart action and can approve requests of this Smart action except his own
Request/approve(self): the user can ask for an approval to trigger that Smart action and can approve requests of this Smart action including his own
The permission level of a user determines what Forest Admin administration permissions he has. You can assign one of the following permission levels per user:
Admin - can access project settings (manage teams, user roles, and environments), customize the admin UI (activate layout editor) and manage data.
Developer - can access project settings (environment settings only).
Editor - can customize the admin UI (activate layout editor) and manage data.
User - can only manage data.
You can change a user's role or permission level from their details page:
Go to the Users tab of your Project settings
Click on a user in the list
Change the role and/or permission level assigned to that user
Don't forget to save
