Understanding User Roles & Permissions
Learn about different user roles and their permissions in MartialFlow
Understanding User Roles & Permissions
Overview
MartialFlow uses a role-based permission system to ensure users have appropriate access to features and data. This guide explains each role, their capabilities, and how to assign permissions effectively.
User Role Hierarchy
MartialFlow has three main user roles, each with specific permissions and responsibilities:
Director (School Owner/Highest Access)
↓
Administrator (School Manager)
↓
Instructor (Teaching Staff)Note: Parent/Student access is managed through customer and parent entities, not separate user roles.
Director Role
Who Should Have This Role
- School owners
- Head masters
- Business managers
- Anyone who needs complete system access within their school
Full Access Capabilities
- Entity Management - Complete access to all students, classes, customers, etc.
- User Management - Create, modify, and delete user accounts
- Analytics & Reporting - Full dashboard and analytics access
- Communication System - Complete message and template management
- System Configuration - Profile, appearance, and security settings
Specific Permissions
- ✅ View and manage all entities (students, classes, customers, awards, etc.)
- ✅ Access to full analytics dashboard with all metrics
- ✅ Create and manage instructor groups
- ✅ User creation and role assignment
- ✅ Complete communication system access
- ✅ All verification workflows (customer, grading, class verification)
Security Considerations
- Limited Assignment - Only assign to trusted individuals
- Multi-Factor Authentication - Strongly recommended for Director accounts
- Regular Access Review - Periodically verify who has Director access
Administrator Role
Who Should Have This Role
- Assistant managers
- Senior instructors with administrative duties
- Office managers
- Day-to-day operations staff
Core Capabilities
- Entity Management - Complete management of students, classes, customers
- Communication Tools - Send messages and manage templates
- Analytics Access - View business analytics and reports
- Verification Workflows - Handle customer, grading, and class verification
Specific Permissions
- ✅ Manage all entities within their school (students, classes, customers, etc.)
- ✅ Create and modify class schedules and student records
- ✅ Take attendance and manage student progress
- ✅ Access analytics dashboard and business metrics
- ✅ Send communications and manage templates
- ✅ Handle verification workflows
- ❌ Cannot create: User accounts (Director only)
- ❌ Limited: Some advanced system configurations
Typical Daily Tasks
- Adding new students and managing customer relationships
- Creating and managing class schedules
- Processing grading and verification workflows
- Communicating with customers and parents
- Reviewing analytics and business metrics
Instructor Role
Who Should Have This Role
- Teaching staff
- Assistant instructors
- Substitute teachers
- Part-time teaching staff
Teaching-Focused Capabilities
- Limited Entity Access - Access to entities within their scope
- Group Dashboard - Specialized instructor group dashboards
- Class Management - Basic class operations
- Student Interaction - Limited student management capabilities
Specific Permissions
- ✅ Access to instructor group dashboard (Dashboards → Groups)
- ✅ Limited entity management within their assigned scope
- ✅ Basic class and student operations
- ✅ Communication capabilities for their areas
- ❌ Cannot create: Most entities (limited by role restrictions)
- ❌ Cannot access: Full analytics dashboard
- ❌ Cannot manage: User accounts or system-wide settings
- ❌ Limited access: To entities outside their assigned areas
Instructor Groups
Instructors are organized into groups that determine:
- Dashboard Access - Group-specific dashboard views
- Entity Scope - Which entities they can interact with
- Permission Boundaries - What operations they can perform
- Reporting Access - Group-specific analytics and reports
Customer and Parent Entities
How Family Access Works
Instead of separate user roles, MartialFlow manages family access through:
- Customer Records - Family accounts that group students and billing
- Parent Records - Individual parent/guardian contact information
- Student Relationships - Links between students and their families
Entity Management
- Customers and parents are managed as entities, not user accounts
- Communication happens to these entities from staff user accounts
- Family information is stored in customer and parent records
- Student progress is tracked in student records linked to families
Permission Assignment Best Practices
Role Assignment Guidelines
Director Role
- Assign sparingly - Only to trusted school owners/managers
- Regular review - Quarterly access audits
- Documentation - Keep records of who has Director access and why
Administrator Role
- Day-to-day operations - Ideal for operational managers
- Full entity access - Can manage all school data except users
- Verification workflows - Handle approval processes
Instructor Role
- Teaching staff - For staff with limited administrative needs
- Group organization - Use instructor groups for dashboard access
- Scope limitation - Provides focused access to relevant areas
Security Best Practices
Account Security
- Multi-Factor Authentication - Required for Director and Administrator roles
- Strong Passwords - Enforce password complexity requirements
- Regular Password Changes - Encourage periodic password updates
- Account Monitoring - Monitor login patterns for unusual activity
Access Management
- Principle of Least Privilege - Give users minimum necessary access
- Regular Audits - Review user access quarterly
- Prompt Removal - Remove access immediately when staff leave
- Role Documentation - Document why each user has their assigned role
Managing User Permissions
Creating User Accounts
- Navigate to Tables → Users
- Click the Create button (+ icon)
- Enter user information:
- Email Address - Login email
- Role - Select Director, Administrator, or Instructor
- Personal Information - Name and contact details
- Save the user account
Note: User creation is restricted to Directors only.
Modifying User Roles
- Find user in Tables → Users
- Click "Edit" or "Update" button
- Modify Role assignment
- Verify Changes - Check that user sees appropriate features
- Document Change - Note why permissions were modified
Managing Instructor Groups
- Navigate to Tables → Instructor Groups
- Create groups for organizing instructors
- Assign instructors to appropriate groups
- Groups control dashboard access at Dashboards → Groups
Troubleshooting Permission Issues
Common Issues and Solutions
User Cannot See Expected Features
Check: Role assignment and company context
Solution: Verify role provides necessary permissions and user is in correct company
User Cannot Create Entities
Check: Role permissions for entity creation
Solution: Only Directors can create users; other entity creation may be role-restricted
Instructor Cannot Access Group Dashboard
Check: Instructor group assignment
Solution: Ensure instructor is assigned to a group and try accessing Dashboards → Groups
User Sees "Access Denied" Messages
Check: Role permissions and verification status
Solution: Verify user role allows the action and account is properly verified
Permission Verification Steps
- Login as User - Test access with their credentials
- Check Navigation - Verify they see appropriate menu items
- Test Key Functions - Confirm they can perform expected tasks
- Verify Restrictions - Ensure they cannot access restricted areas
Advanced Permission Scenarios
Multi-Company Operations
- School-Specific Directors - Director role within individual companies
- Data Isolation - Complete separation between schools
- Centralized Management - Directors can manage their own schools independently
Instructor Group Management
- Specialized Groups - Create groups for different program areas
- Dashboard Organization - Use groups to provide focused instructor dashboards
- Scope Control - Groups help limit instructor access to relevant areas
Role Progression
- Start with Instructor - New staff begin with limited access
- Promote to Administrator - Add administrative responsibilities over time
- Director for Ownership - Full access for school owners and managers
Next Steps
Now that you understand user roles and permissions:
- Dashboard Overview for Different Roles - See how each role's interface differs
- Creating User Accounts - Learn how to add team members
- Basic Navigation Guide - Explore the interface
Getting Help
For permission-related questions:
- Review the Staff Management guides for user creation
- Check Troubleshooting Common Issues
- Ensure you understand the company-based security model
Understanding user roles and permissions is crucial for maintaining security and ensuring each team member has appropriate access to perform their duties effectively in the multi-company MartialFlow system.
Still need help?
Our martial arts experts are here to help you succeed with MartialFlow.