Permissions

 Project.co  is built with a robust permission system that controls what each user can see and do within the application. This ensures data security, maintains privacy, and provides a streamlined experience tailored to individual responsibilities.

How Permissions Work

Permissions in  Project.co  are primarily managed through user roles, but they can also be fine-tuned for individual users.
    Role-Based Permissions: Every user in  Project.co  is assigned a specific role:
  • Team-Admin
  • Team
  • Client
  • External
    Each of these roles comes with a default set of permissions. For example, a "Client" role automatically has limited access, primarily focused on viewing project progress and discussions, while a "Team-Admin" role has extensive administrative capabilities.
    Granular Permissions: Beyond the default permissions granted by a role,  Project.co  allows for granular control over specific actions. These individual permissions determine whether a user can perform actions like creating a project, editing a task, or deleting a file. These specific permissions are stored on each user's profile.

Categories of Permissions

Permissions are categorized to control access to different types of actions and data within  Project.co :
  • People Management:
  • Permission to invite and edit other people's profiles.
  • Permission to archive and restore user accounts.
  • Content Creation:
  • Permission to create new projects.
  • Permission to create new tasks.
  • Permission to create direct messages.
  • Permission to create file folders.
  • Permission to create custom fields.
  • Content Editing:
  • Permission to edit project details.
  • Permission to edit tasks.
  • Permission to edit direct messages.
  • Permission to edit file folders.
  • Permission to edit custom fields.
  • Permission to edit project sections (e.g., within Kanban boards).
  • Permission to edit task sections (e.g., within task lists).
  • Content Deletion:
  • Permission to delete projects.
  • Permission to delete tasks.
  • Permission to delete direct messages.
  • Permission to delete file folders.
  • Permission to delete custom fields.

Managing User Permissions

Only users with appropriate administrative permissions (typically "Team-Admin") can manage other users' roles and permissions.
    Change a User's Role:
  • Navigate to the "People" section from the main navigation.
  • Select the name of the user whose role you want to change. This opens their detailed profile page.
  • In the "Role" section, use the role dropdown to select a new role (e.g., change from "Client" to "Team").
  • When you change a user's role, a comprehensive set of default permissions associated with that new role is automatically applied to their profile.
  • The system may check for available user seats on your subscription plan when changing roles, especially for "Team" or "Team-Admin" roles. If there are not enough seats, the change may be prevented, and a message will be displayed.
    Adjust Individual Permissions:
  • On the same user's detailed profile page, scroll down to the "Permissions" section.
  • Here, you will see various categories of permissions with checkboxes next to each.
  • Select or deselect the checkboxes to enable or disable specific permissions for that user. For example, you can grant a "Team" member the "Can Create Projects" permission if it's not already enabled by their role.
  • Changes made to these individual checkboxes are typically saved automatically.
  • Note that some permissions may be permanently disabled or unchangeable for certain roles (e.g., "Client" or "External" users cannot be granted full administrative permissions).

Impact of Permissions on Feature Visibility

The permissions assigned to your role directly influence what you see and can interact with in  Project.co :
  • Interface Elements: Buttons, input fields, and entire sections of the application are only visible if your role and permissions allow you to use them. For example, the "Delete Project" button is only visible to users with the "Perm - Can Delete Projects" permission.
  • Data Access: Your permissions determine which projects, tasks, files, and discussions you can view. For instance, a "Client" user will only see tasks within their project if those tasks are explicitly marked as "Visible to Clients".
  • Administrative Tools: Access to account-level settings, billing information, and user management tools is restricted to "Team-Admin" roles.
This structured approach to permissions ensures that every user's experience is secure, relevant, and efficient.


Default Permissions for Each Role

To set default permissions for each role:
    Navigate to Account Settings:
  • Click on the account logo at the top of the sidebar.
  • Select "Account Settings".
    Go to User Role Defaults:
  • In the Account Settings sidebar, locate and select "User role defaults". This section displays the default permission settings for each role.

Setting Default Permissions for Each Role

 Project.co  allows you to configure default permissions for the following roles:
  • Team-Admin: This role typically has all permissions enabled by default and these are generally not configurable.
  • Team: For your internal team members.
  • Client: For your external clients.
  • External: Often used for freelancers or other external collaborators.
For "Team", "Client", and "External" roles, you will see a series of checkboxes organized by categories such as:
  • People: Permissions related to inviting, archiving, and restoring users.
  • Create things: Permissions for creating new projects, tasks, direct messages, file folders, and custom fields.
  • Edit things: Permissions for editing existing projects, tasks, direct messages, file folders, and custom fields, as well as project and task sections.
  • Delete things: Permissions for deleting projects, tasks, direct messages, file folders, and custom fields.
To set default permissions for a role:
    Select the Role: Within the "User role defaults" section, locate the role you wish to configure (e.g., "Team", "Client", or "External").
    Adjust Checkboxes: For each permission listed under that role, select the checkbox to enable the permission by default, or deselect it to disable it.
  • For example, if you want all new "Client" users to be able to create tasks, ensure the "Can Create Tasks" checkbox is selected under the "Client" role.
    Save Changes: Changes to these checkboxes are saved automatically as you make them. There might be a "Save Defaults" button to confirm all changes at once.

Impact of Default Permissions

  • New Users: When you invite a new user and assign them a role, they automatically inherit the default permissions configured for that role in your account settings.
  • Existing Users: Changing the default permissions in account settings does not automatically update the permissions of existing users. To apply new default settings to an existing user, you must manually change their role or adjust their individual permissions on their profile page.
  • Granular Overrides: Even with default permissions set, you can always go to an individual user's profile page and adjust their specific permissions. This allows for fine-grained control when a user's responsibilities require deviations from the standard role permissions.
By carefully configuring these default permissions, you can ensure that your account is secure, efficient, and tailored to the needs of your team and collaborators.