Roles User Guide

The Tehama platform currently defines three roles: Admin, Manager, and Staff Member.

General Role Information

This section explains what the various roles can do with respect to their own organization.

The following table provides a brief overview of the three roles in Tehama:

Admin Managers Staff Members
Has full access Have full access except for billing/invoicing Can access rooms they've been added to and approved to access
Has full management capabilities Are able to manage their own organization and add, edit, remove teams, team members and policies but cannot delete the organization Can edit their own profile, and can access rooms they've been added to and approved to access
Receives all approval notifications for Rooms and Room membership

Note that there is only 1 Admin per organization, known as the 'organization owner', but the Admin can transfer their role to another member of their organization by selecting another member and making them an Admin.

Roles and their permissions vis-a-vis Room management

This section is a bit more complicated and applies to both Managers/Admins. For the purpose of this section consider Manager to mean Manager/Admin.

Note that people with the Staff role have no permissions with respect to Room management.

The roles and permissions of Managers change for Rooms depending on whether their organization is:

  • Owner+Connected: Their organization created the room (i.e.: they are paying for it) and connected it (i.e.: they configured the network access for the room).
  • User-only: Their organization has been added to a room that another organization is paying for and has connected.
  • User+Owner: They've created and are paying for a room but it's connected to another org.
  • Connected-only: They've connected the room that another organization is paying for.

The following table outlines the roles and the permissions associated with Room management:

OWNER+CONNECTED USER-ONLY USER+OWNER CONNECTED-ONLY
Full control/approval of membership and policies Can propose team members for membership to room Can propose team members for membership to room Full control/approval of membership and policies
Full control/approval of tools/tool configurations. Can request new tools/tool configurations that will be approved by the Owner/Connected organization. Can add new tools/tool configurations Do not control tool configurations but set policies
Full control of connection and audit of work No audit Access to audit Full control of connection and audit of work
Admin (not Manager) can delete audit information Admin (not Manager) can delete audit information