Managing Permissions
The permissions system provides fine-grained control over what users can access and modify within the platform. This guide explains how permissions work and how to manage them effectively for your award programmes.
Understanding the Permission Model
Permissions in the system are designed to be flexible and programme-specific. Each user can have different permission levels across different programmes, allowing for precise access control. This model ensures that users only see and interact with the parts of the system relevant to their role.
The permission system is built around three primary roles: Admin, Judge, and Shortlister. Each role comes with a predefined set of permissions that determine what actions the user can perform. Beyond these standard roles, additional custom permissions can be assigned to address specific needs.
Permissions are managed at the programme level, meaning a user might be an Admin for one programme but only a Judge for another. This granularity allows programme managers to create tailored access control schemes that match their organisational structure.
Primary Roles and Their Capabilities
The Admin role grants full access to a programme, including the ability to manage users, configure settings, and oversee all aspects of the nomination process. Admins can view and edit all nominations, manage judges and shortlisters, and make system-wide changes. Due to their elevated privileges, Admin permissions cannot be removed through the standard interface once assigned.
The Judge role provides access to review and evaluate nominations that have reached the judging stage. Judges can only see nominations in their assigned categories that have been marked as Shortlisted or Judged. They can score nominations, add notes, and submit recommendations but cannot modify programme settings or access administrative functions.
The Shortlister role offers read-only access to nominations in the early stages of the selection process. Shortlisters can view nominations in their assigned categories that have been marked as Contacted, Confirmed, or Shortlisted. This role is designed for team members who help with the initial screening of nominations but don't participate in the final judging.
Assigning and Removing Permissions
To manage a user's permissions, navigate to their profile page or access the permission controls from the user management interface. The permission buttons display the current status of each permission, with active permissions highlighted in red and inactive ones in grey.
To grant a permission, click the grey button for that permission. The button will change to red, indicating that the permission is now active. To remove a permission, click the red button, and it will revert to grey, indicating that the permission has been removed.
When assigning permissions, consider the principle of least privilege: users should only have the permissions necessary to perform their tasks. Overly broad permissions can lead to accidental changes or security concerns. It's generally better to start with minimal permissions and add more as needed rather than granting extensive access initially. We include an Audit tab for each user so you can check that they have access only to what they should have.
Category-Specific Permissions
For programmes with multiple categories, permissions can be further refined by category. This allows you to assign judges or shortlisters to specific categories, ensuring they only see nominations relevant to their expertise.
Category permissions are particularly useful for large programmes with specialised judging panels. For example, a technology award might have different judges for software innovation versus hardware design. By assigning category-specific permissions, each judge only sees nominations in their area of expertise.
To assign category permissions, use the category selection options when configuring a user's permissions. You can select multiple categories for a user if they need to review nominations across different areas.
Permission Inheritance and Hierarchy
The permission system follows a hierarchical model where higher-level roles inherit the capabilities of lower-level roles. For example, an Admin automatically has all the permissions of a Judge and a Shortlister, plus additional administrative capabilities.
This inheritance model simplifies permission management by reducing the number of individual permissions that need to be assigned. When you grant a user the Admin role, you don't need to separately assign Judge or Shortlister permissions, as these are implicitly included.
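The model described so far (programme-scoped roles, category assignments, status-based visibility and Admin inheritance) can be written as a single default-deny check. This is an added example, not the platform's own code: the Grant record, the function name, the action names and the sample users are assumptions, while the statuses and role capabilities are taken from the role descriptions above.

```python
from dataclasses import dataclass

# Statuses and actions per role, taken from the role descriptions in this guide.
ROLE_RULES = {
    "shortlister": {"statuses": {"Contacted", "Confirmed", "Shortlisted"},
                    "actions": {"view"}},             # read-only
    "judge": {"statuses": {"Shortlisted", "Judged"},
              "actions": {"view", "score"}},
}

@dataclass(frozen=True)
class Grant:                       # hypothetical record: one role in one programme
    user: str
    programme: str
    role: str                      # "admin", "judge" or "shortlister"
    categories: frozenset = frozenset()   # ignored for admin

def is_allowed(grants, user, programme, action, category, status):
    """Default deny: True only if a grant in this programme covers the request."""
    for g in grants:
        if g.user != user or g.programme != programme:
            continue               # a role in one programme grants nothing in another
        if g.role == "admin":
            return True            # full access; implicitly includes Judge and Shortlister
        rule = ROLE_RULES.get(g.role)
        if rule is None:
            continue               # unknown role names grant nothing
        if (action in rule["actions"] and category in g.categories
                and status in rule["statuses"]):
            return True
    return False

# Constructed sample data: users, programmes and categories are made up.
GRANTS = [
    Grant("ana", "tech-awards", "admin"),
    Grant("ana", "design-awards", "judge", frozenset({"Print"})),
    Grant("ben", "tech-awards", "judge", frozenset({"Software"})),
    Grant("cy", "tech-awards", "shortlister", frozenset({"Software", "Hardware"})),
]

if __name__ == "__main__":
    # Admin in one programme, only a Judge in another.
    print(is_allowed(GRANTS, "ana", "tech-awards", "edit", "Hardware", "Contacted"))
    print(is_allowed(GRANTS, "ana", "design-awards", "edit", "Print", "Judged"))
    # A Judge does not see nominations that are still at the Contacted stage.
    print(is_allowed(GRANTS, "ben", "tech-awards", "view", "Software", "Contacted"))
```

Note that a Judge and a Shortlister overlap only on Shortlisted nominations; only Admin includes both roles in full.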
Monitoring and Auditing Permissions
As a programme administrator, it's important to periodically review user permissions to ensure they remain appropriate. Users who no longer need access to certain programmes should have their permissions removed promptly (i.e. at the end of the Shortlisting or Judging periods).
The user management interface provides a clear overview of all users and their permissions, making it easy to audit who has access to what. This transparency helps maintain security and ensures that permissions align with current roles.
Permission Changes and Notifications
Users are not automatically notified when their permissions change, so it's good practice to communicate significant permission changes directly to affected users. This helps them understand their new capabilities or limitations and prevents confusion when using the system.