Permissions Reference
Below is the complete permissions table that can be assigned to user groups.
Permission Format
Each permission follows the format section.action_entity. The four basic actions are:
- view — View records
- add — Create new records
- change — Edit existing records
- delete — Delete records
Permissions by Section
Clients
| Permission | Description |
|---|---|
core.view_client | View clients |
core.add_client | Create clients |
core.change_client | Edit clients |
core.delete_client | Delete clients |
Facilities
| Permission | Description |
|---|---|
facilities.view_facility | View facilities |
facilities.add_facility | Create facilities |
facilities.change_facility | Edit facilities |
facilities.delete_facility | Delete facilities |
Assets
| Permission | Description |
|---|---|
assets.view_asset | View assets |
assets.add_asset | Create assets |
assets.change_asset | Edit assets |
assets.delete_asset | Delete assets |
Contractors
| Permission | Description |
|---|---|
contracts.view_contractor | View contractors |
contracts.add_contractor | Create contractors |
contracts.change_contractor | Edit contractors |
contracts.delete_contractor | Delete contractors |
Contracts
| Permission | Description |
|---|---|
contracts.view_contract | View contracts |
contracts.add_contract | Create contracts |
contracts.change_contract | Edit contracts |
contracts.delete_contract | Delete contracts |
Work Orders
| Permission | Description |
|---|---|
workorders.view_workorder | View work orders |
workorders.add_workorder | Create work orders |
workorders.change_workorder | Edit work orders |
workorders.delete_workorder | Delete work orders |
Users
| Permission | Description |
|---|---|
users.view_user | View users |
users.add_user | Invite users |
users.change_user | Edit users |
users.delete_user | Delete users |
Full Access Flag
The Full Access flag (has_full_access) bypasses all permission checks. Users with full access:
- See all organization data
- Have access to all sections
- Can perform all actions
- Are not restricted by client/facility assignments