Localist has upgraded to a Modern User Roles & Permissions Management system.
Over the years, we've received a lot of feedback about how our previous permission structure was confusing and limiting. Permissions couldn’t stack on top of each other, leaving gaps that left you wondering which role to choose. Moving to RBAC offers a clear, granular approach that allows you to assign permissions precisely aligned with your users’ responsibilities, enhancing security and simplifying user management.
Check out what's changed, what didn't change, and what's new:
Platform Admins will continue to be Platform Admins with full access to the entire calendar platform
Event Admins will have new titles as well, depending on their permissions:
- Event Admin with Publish Events permissions is now Event Editor
- Event Admin without Publish Events permissions is now Event Author
The supplemental roles you’re familiar with today are still there, just with new titles:
- Bulletin Admin is now Bulletin Manager
- Channel Admin is now Channel Manager
- Group Admin is now Groups Manager
We’re also very excited to introduce some new roles, created specifically from user feedback:
- Calendar Manager who oversees the entire calendar and ensures smooth operation for all content
- Event Manager who plans and bulk manages all events, regardless of any restrictions
- Theme Developer who customizes the appearance and branding of the calendar
- System Administrator who configures any settings necessary for the calendar such as Register or Domain & Security
We’re very excited about this evolution to a modern user management system. It provides clarity for our current roles, lays the foundation for secure and scalable user management, and sets the stage for Localist to introduce new features and roles that grow and adapt with all of your future needs!
Default User Definition Roles:
Platform Admins have access to ALL features and functionality.
Calendar Managers oversee the entire front end calendar and content within the Admin Dash. They do not have access to certain high level backend settings such as display, Register, Platform Settings, or domain and security.
Event Managers plan and manage all events, regardless of any restrictions.
(formerly Event Admin with Publish Events permissions)
Event Editors can create and publish events using the Admin Dashboard, as well as review other pending events to ensure they are up to guidelines.
(formerly Event Admin without Publish Events permissions)
Event Authors can create and submit new events for review using the Admin Dashboard.
(formerly Bulletin Admin)
|Bulletin Managers easily manage templates, contact lists, and campaigns to promote events with email newsletters.|
(formerly Channel Admin)
|Channel Managers organize and curate dedicated event Channels.|
(formerly Group Admin)
|Group Managers oversees both Groups and Departments.|
|Theme Developer*||Theme Developers customize the appearance and branding of the calendar. They do not have any other access to the back end besides appearance and display settings.|
|System Administrator*||System Administrators configure any settings necessary for the calendar such as Register and Domain & Security. They do not have any other access to the back end otherwise.|
(* indicates a NEW user role)
Non-Permission User Designations
Verified: After an account is created, Localist will send an email to the user’s email address asking them to verify their address by clicking the included link. If a user does not verify their account this flag will remain unchecked and they will not receive any emails from Localist. They will still be able to use the calendar as a logged in user.
Pending: If a user uses the Invite Friends feature to send event details to an address that is not already saved on the platform/connected to a current user, the email will be listed as a pending user.
Assigning Permission Levels
- Navigate to Users > All Users
- Select a user’s name from the list
- Find the Permissions section in the middle of the user account page
- Select the appropriate level(s)
- Save changes.
- User must always be checked. This is what allows them to login to and interact with your platform (i.e. submit an event, I'm Interested, leave a comment, etc.)
Restricting Content Moderation
How to Restrict Event Admins
- Allowed: Access to only this Filter. If you Allow someone to a Filter, Group, and/or Department, they have permission to moderate (approve/reject) events in their designated Classification and submit events to other Classifications via the Public Submission Form for approval by an Event Admin assigned to that Classification.
- Excluded: Access to all Filters except this Filter. When you Exclude someone from a Filter, Group, and/or Department, this prevents an Event Admin from interacting with anything associated with that Classification. This also means that they will not be able to submit an event via the Public Submission Form for approval.
- Selecting a Parent Filter Item will allow the user to access all its Child Filter Items.
Once a user is Allowed to Filters, Groups, and/or Departments, they will only have access to those Classifications. In comparison, once a user is Excluded from Filters, Groups, and/or Departments, they will not have access those Classifications.
How Does It Work?
- When adding events, only the Classifications the Event Admin is Allowed to will appear in the form for them to choose from.
- When moderating events, the Event Admin will only be able to see and edit events that have at least one of their Allowed Classification items.
- Example: If an event has the Filter "Health & Wellness" and "Community", an Event Admin Allowed to "Community" will be able to see and edit the event because it has at least one of their Allowed Filter Items assigned to it.
- The Pending Queue will automatically update to show events with an Event Admin's Allowed Classifications or update to show no events if none of the pending events match at least one of their Allowed Classification items.
- Similarly, if an Event Admin with restricted permissions receives the Pending Digest email, then the email will include all pending events, but when the Event Admin navigates to the Pending Queue in the Admin Dashboard, they will only be able to see and moderate those events matching their Allowed/Excluded Permissions.
- BEST PRACTICE -
We suggest having at least one Event Admin with access to all Classifications (leaving the Allowed/Excluded sections blank). If a user submits an event and forgets to add the Classification item the Event Admin is Allowed to, the Event Admin will not see the event in the Pending Queue for moderation.