Roles & Permissions
Build a custom hierarchy to restrict employee access to only the modules they are authorized to govern.
System Roles: Roles like Teacher, Accountant,
Librarian, Receptionist are deeply hardcoded into the platform's API and Dashboard routing logic.
You cannot delete or rename them, but you can alter their permissions.
1. Creating a Custom Role
If a staff member doesn't fit into the system roles (e.g., "Transport Manager" or "Data Entry Clerk"), build a new one.
- Navigate to Settings & Billing > Roles & Permissions.
- Click the Create Role button.
- Provide a descriptive Role Name.
2. Assigning Granular Permissions
Permissions dictate what buttons and pages the user can see. They are grouped logically by module (e.g., "Student", "Fees", "HR").
Understanding Permission Tiers
- View: User can see the tables and read data, but cannot edit.
- Add/Edit: User can create new rows and modify existing ones.
- Delete: User is allowed to permanently wipe records. (Grant this cautiously!)
- Manage: Full control over the specific sub-module.
- Expand a module group (e.g., "Fees").
- Check the boxes next to the actions you want to grant (e.g., `fees.collection.manage`).
- Once your grid is configured, press Save Role.
[Screenshot: Permission Matrix showing checkboxes grouped by module categories]
3. Deleting Roles
You can delete custom roles, but the system utilizes safety checks to prevent orphan data.
- You cannot delete a role if there is even one Staff Member currently assigned to it.
- The system will throw an error: "Cannot delete - X user(s) are still assigned."
- You must go to the HR Module, re-assign those staff members to a different role, and then return to delete the empty role.
[Screenshot: The System Role deletion blocker error alert]