All Collections
Security & Access Control
Permissions
Groups
Groups

Describes group-related permissions on a user's access rights.

Updated over a week ago

Access to specific groups is determined by a combination of access limits, the membership within the group, and the user's permissions (in that order). We'll go over each one in detail below.

1. Access Limits

First, limits on group category, type, and campus are checked to see if the user can even see the group. If they are allowed, then the user's membership within the group is used to determine if they can access the group.

Note: group administrators always have access to their group even if access limits otherwise would have prevented access. The only exception is the campus limit as in that case, the administrator cannot access their group if the group is in a campus they do not have access to.

Group admins have full access to all group tabs as well as edit general group information (except name).

2. Membership

Next, the user's membership within the group is checked. 

  • Member, Leader, and other types - has access to the group only if the group is active and the group membership type is not "Internal."

If the user is not a member of the group, the user's permissions determine access.

3. Permissions

The final check on whether the user has access to the group is to look at their permissions. This is only done if the user is not a member of the group.

Full Read Groups

  • Has read-only access to all groups in the system. This includes internal groups as well.

  • Has access to change logs related to groups, group members, and group positions.

  • Can view group listing in table view.

Limited Write Groups

Users with this permission also have the Full Read Groups permission. This is the same access a group administrator has within their group.

  • Can add, edit, and delete group members

  • Can add, edit, and delete attendance reports

  • Can add, edit, and delete group calendar events.

  • Can add, assign, edit, delete group positions

  • Can add, edit, and delete volunteer schedules

  • Can upload and delete group files

  • Can start group discussions

  • Can delete group discussion threads and messages

  • Cannot edit group details

  • Cannot delete groups

  • Can add a person to a group roster from the person's profile (Involvement > Groups)

Full Write Groups

Users with this permission also have the Full Read Groups and Limited Write Groups permission.

  • Can edit group details

  • Can copy/duplicate an existing group (must also have Create Groups permission)

  • Can delete groups

  • Can add a person to any group roster during manual check-in

  • Can add, edit, and delete values from any drop-down field

  • Can edit and remove a person from a group from the person's profile (Involvement > Groups)

Create Groups

  • Can create new groups

  • Can copy/duplicate an existing group (must also have Full Write Groups permission)

Group Settings

  • Can define custom fields on group types

  • Can add, edit, and delete custom field definitions on group members

Full Write Promotions

  • Can add, edit, delete, and execute group promotion plans

Full Read Discussions

  • Can read discussion messages for all groups

Full Write Discussions

Users with this permission also have the Full Read Discussions permission.

  • Can create, edit, and delete discussion messages for all groups.

4. Special Permissions

Non-admin group members can be granted special access to help manage portions of the group. When editing a group member, a new Access tab is available.

Only group admins and users with Limited Write Groups are able to set special permissions for group members.

Available options are:

  • Can manage events - Can add, edit, and delete group events.

  • Can manage member roster and positions - Can add, edit, and delete group members and positions. This will not allow them to edit any group admins or modify member permissions.

    • Group members with this access will not be able to edit other group admins nor will they be able to set permissions for any members.

    • They also will not be able to grant group admin access to any members.

  • Can manage attendance - Can enter and edit group attendance.

    • While this permission will allow them to create group events, they will not be able to edit the event itself unless they have the "Can manage events" permission as well.

    • Member will not be made an organizer of any events created for attendance.

  • Can manage files - Can upload and delete group files.

  • Can manage discussions - Can start discussions and delete individual messages.

  • Can manage notes - Can add, edit, and delete group notes.

A filter is part of the group listing named "Has Special Access?" which will help return members with elevated access to the group. Members with special permissions will also have a yellow "special access" label within the Type column. Clicking on this will open the "Edit Member" pop up with the "Access" tab already opened.

These options are also available when editing a group member from the mobile app.

Did this answer your question?