Understanding User Roles & Permissions

Learn about different user roles and their permissions in MartialFlow

Understanding User Roles & Permissions

Overview

MartialFlow uses a role-based permission system to ensure users have appropriate access to features and data. This guide explains each role, their capabilities, and how to assign permissions effectively.

User Role Hierarchy

MartialFlow has three main user roles, each with specific permissions and responsibilities:

Director (School Owner/Highest Access)
    ↓
Administrator (School Manager)
    ↓
Instructor (Teaching Staff)

Note: Parent/Student access is managed through customer and parent entities, not separate user roles.

Director Role

Who Should Have This Role

  • School owners
  • Head masters
  • Business managers
  • Anyone who needs complete system access within their school

Full Access Capabilities

  • Entity Management - Complete access to all students, classes, customers, etc.
  • User Management - Create, modify, and delete user accounts
  • Analytics & Reporting - Full dashboard and analytics access
  • Communication System - Complete message and template management
  • System Configuration - Profile, appearance, and security settings

Specific Permissions

  • ✅ View and manage all entities (students, classes, customers, awards, etc.)
  • ✅ Access to full analytics dashboard with all metrics
  • ✅ Create and manage instructor groups
  • ✅ User creation and role assignment
  • ✅ Complete communication system access
  • ✅ All verification workflows (customer, grading, class verification)

Security Considerations

  • Limited Assignment - Only assign to trusted individuals
  • Multi-Factor Authentication - Strongly recommended for Director accounts
  • Regular Access Review - Periodically verify who has Director access

Administrator Role

Who Should Have This Role

  • Assistant managers
  • Senior instructors with administrative duties
  • Office managers
  • Day-to-day operations staff

Core Capabilities

  • Entity Management - Complete management of students, classes, customers
  • Communication Tools - Send messages and manage templates
  • Analytics Access - View business analytics and reports
  • Verification Workflows - Handle customer, grading, and class verification

Specific Permissions

  • ✅ Manage all entities within their school (students, classes, customers, etc.)
  • ✅ Create and modify class schedules and student records
  • ✅ Take attendance and manage student progress
  • ✅ Access analytics dashboard and business metrics
  • ✅ Send communications and manage templates
  • ✅ Handle verification workflows
  • Cannot create: User accounts (Director only)
  • Limited: Some advanced system configurations

Typical Daily Tasks

  • Adding new students and managing customer relationships
  • Creating and managing class schedules
  • Processing grading and verification workflows
  • Communicating with customers and parents
  • Reviewing analytics and business metrics

Instructor Role

Who Should Have This Role

  • Teaching staff
  • Assistant instructors
  • Substitute teachers
  • Part-time teaching staff

Teaching-Focused Capabilities

  • Limited Entity Access - Access to entities within their scope
  • Group Dashboard - Specialized instructor group dashboards
  • Class Management - Basic class operations
  • Student Interaction - Limited student management capabilities

Specific Permissions

  • ✅ Access to instructor group dashboard (Dashboards → Groups)
  • ✅ Limited entity management within their assigned scope
  • ✅ Basic class and student operations
  • ✅ Communication capabilities for their areas
  • Cannot create: Most entities (limited by role restrictions)
  • Cannot access: Full analytics dashboard
  • Cannot manage: User accounts or system-wide settings
  • Limited access: To entities outside their assigned areas

Instructor Groups

Instructors are organized into groups that determine:

  • Dashboard Access - Group-specific dashboard views
  • Entity Scope - Which entities they can interact with
  • Permission Boundaries - What operations they can perform
  • Reporting Access - Group-specific analytics and reports

Customer and Parent Entities

How Family Access Works

Instead of separate user roles, MartialFlow manages family access through:

  • Customer Records - Family accounts that group students and billing
  • Parent Records - Individual parent/guardian contact information
  • Student Relationships - Links between students and their families

Entity Management

  • Customers and parents are managed as entities, not user accounts
  • Communication happens to these entities from staff user accounts
  • Family information is stored in customer and parent records
  • Student progress is tracked in student records linked to families

Permission Assignment Best Practices

Role Assignment Guidelines

Director Role

  • Assign sparingly - Only to trusted school owners/managers
  • Regular review - Quarterly access audits
  • Documentation - Keep records of who has Director access and why

Administrator Role

  • Day-to-day operations - Ideal for operational managers
  • Full entity access - Can manage all school data except users
  • Verification workflows - Handle approval processes

Instructor Role

  • Teaching staff - For staff with limited administrative needs
  • Group organization - Use instructor groups for dashboard access
  • Scope limitation - Provides focused access to relevant areas

Security Best Practices

Account Security

  1. Multi-Factor Authentication - Required for Director and Administrator roles
  2. Strong Passwords - Enforce password complexity requirements
  3. Regular Password Changes - Encourage periodic password updates
  4. Account Monitoring - Monitor login patterns for unusual activity

Access Management

  1. Principle of Least Privilege - Give users minimum necessary access
  2. Regular Audits - Review user access quarterly
  3. Prompt Removal - Remove access immediately when staff leave
  4. Role Documentation - Document why each user has their assigned role

Managing User Permissions

Creating User Accounts

  1. Navigate to Tables → Users
  2. Click the Create button (+ icon)
  3. Enter user information:
    • Email Address - Login email
    • Role - Select Director, Administrator, or Instructor
    • Personal Information - Name and contact details
  4. Save the user account

Note: User creation is restricted to Directors only.

Modifying User Roles

  1. Find user in Tables → Users
  2. Click "Edit" or "Update" button
  3. Modify Role assignment
  4. Verify Changes - Check that user sees appropriate features
  5. Document Change - Note why permissions were modified

Managing Instructor Groups

  1. Navigate to Tables → Instructor Groups
  2. Create groups for organizing instructors
  3. Assign instructors to appropriate groups
  4. Groups control dashboard access at Dashboards → Groups

Troubleshooting Permission Issues

Common Issues and Solutions

User Cannot See Expected Features

Check: Role assignment and company context
Solution: Verify role provides necessary permissions and user is in correct company

User Cannot Create Entities

Check: Role permissions for entity creation
Solution: Only Directors can create users; other entity creation may be role-restricted

Instructor Cannot Access Group Dashboard

Check: Instructor group assignment
Solution: Ensure instructor is assigned to a group and try accessing Dashboards → Groups

User Sees "Access Denied" Messages

Check: Role permissions and verification status
Solution: Verify user role allows the action and account is properly verified

Permission Verification Steps

  1. Login as User - Test access with their credentials
  2. Check Navigation - Verify they see appropriate menu items
  3. Test Key Functions - Confirm they can perform expected tasks
  4. Verify Restrictions - Ensure they cannot access restricted areas

Advanced Permission Scenarios

Multi-Company Operations

  • School-Specific Directors - Director role within individual companies
  • Data Isolation - Complete separation between schools
  • Centralized Management - Directors can manage their own schools independently

Instructor Group Management

  • Specialized Groups - Create groups for different program areas
  • Dashboard Organization - Use groups to provide focused instructor dashboards
  • Scope Control - Groups help limit instructor access to relevant areas

Role Progression

  • Start with Instructor - New staff begin with limited access
  • Promote to Administrator - Add administrative responsibilities over time
  • Director for Ownership - Full access for school owners and managers

Next Steps

Now that you understand user roles and permissions:

  1. Dashboard Overview for Different Roles - See how each role's interface differs
  2. Creating User Accounts - Learn how to add team members
  3. Basic Navigation Guide - Explore the interface

Getting Help

For permission-related questions:

Understanding user roles and permissions is crucial for maintaining security and ensuring each team member has appropriate access to perform their duties effectively in the multi-company MartialFlow system.

Was this article helpful?

Still need help?

Our martial arts experts are here to help you succeed with MartialFlow.