Event Manager without being Event Admin
Prevent Event Admins from editing member data - or allow some events to be configured by non-admin. We want to allow certain members (rotates - different person each year) to be the 'admin' of an event but not give them full access (editing member data, viewing member financial info unrelated to the event). Wish there were a way to allow them to edit and monitor event registrations without being an admin.
Kendra Sechovec
shared this idea
73 comments
-
ANDY WEARMOUTH
commented
This is a serious issue. I can't see any logic in enabling an event manager to "edit" Contact info. Surely this can be turned off without impacting functionality. I realise the option exists to import guest registrant info into Contacts but it should be up to an administrator or Membership Manager to edit and clean this stuff, not the event organiser. Event managers do need to be able to receipt invoices for cash or check payments so some access to invoices is necessary to perform the role.
-
Chad
commented
Please address this glaring issue.
-
Trevor Jones
commented
This is very disappointing to discover after we purchased a license. We'll be meeting to discuss requesting a refund and looking elsewhere. I can't believe this has been around for 5 years and not addressed.
-
edwardsproul
commented
This might be one of the most serious flaws in the Wild Apricot system and it seems that it has been around for a long time. The developers seem to not take this flaw seriously and as far as I can tell they have done nothing about it. This is strange since the solution of making a subset of the Events Admin designation with limited rights seems to be an easy fix. Does anyone know of a competitor MMS that does have this capability?
-
edwardsproul
commented
I agree with this need as all the members of a HOA should all be empowered to create events in their association. To limit it to just one person is illogical and to give everyone the much too powerful capabilities attached to the "Event Manager" designation is malpractice. As it is now the Events functionality of the website is unusable for my purpose. There have been a few work arounds published by frustrated users in the attempt to make this function work:
1. Embed a Google calendar in the website and lose the Wild Apricot gadget. Members can add events which can then be sent to the admin for a manual entry.
2. Subscribe to the Teamup shared calendar and embed it in the website. It also must inform the admin to do a manual event entry.
Of course at a certain point when you find that you have to replace Wild Apricots functionality with other apps to make the site work you will eventually come to the conclusion that replacing the whole website and moving to another host is the better solution. -
Alan B
commented
Totally agree with the comments here. There should be an event admin role who is assigned an event(s) and has limited access/capability
-
Will Phillipson
commented
As a club, we have admins who set up events and manage WA. However, each event is run by an activity leader who is not necessarily an admin. We would like to enable the activity leader to be an "admin" to manage their event, but not have access to other events. In particular, the ability to see the registrations; manage the waitlist; send emails to registrants; use the admin app to record attendance / check in attendees, etc.
-
Jen Ontario Camps Association
commented
I agree with the comments I'm seeing. I've had to go to paper check-ins at the registration table because event admins have access to the full database of sensitive member information. Feel like I'm going backwards!!
-
Laurie Principe
commented
We would love to see this too. Event Admins have way too much access to financial records. Agree that access needs to be restricted to prevent everyone with event access from doing these tasks which should be handled only by someone with a higher level of event access.
Add/modify invoices
Record/modify payments
Settle/unsettle payment
Add/modify refundsThis request/idea has been known to Wild Apricot for four years. Why is nothing happening?
-
Ken Phillips
commented
The ability of event admins to have access to financial records and access to data base of members is a huge hole in the system. I is the main reason we kept our PayPal instead of using Wild Apricot. We have 5000 members and hold 500 events. We have 30 event admins with too much access. The big reason the need access is to know who the participants are and if they have paid. I see comments here 5 years old. This is a huge security problem and I think it should have more importance attached.
-
Tim Dahl
commented
Any Update on this? We need to have multiple individuals checking members into events but not have full access as Event Admin. It really seems like there is never any movement on security related issues. This may become a deal breaker very soon due to privacy and security.
-
Ashley
commented
I don't want my event managers to view finances and have anything to do with invoices. My website is set up so that all payments are made online in order for someone to register for an event and become a member. My event managers don't need to deal with any finances.
I only want my event manager adding new events, modifying/duplicating existing ones, adding/modifying/canceling registrants, managing waitlists, and emailing members or event registrants (creating their own customized event emails, announcements etc). The finances side should have the option of hiding details from the event manager admins.
-
Alex Sirota commented
A limited "events coordinator" role could be useful. The role would be a scaled down version of the event manager. These features available to a full events manager would be eliminated from an event coordinator capabilities:
View contacts list
View contact details
Add new contact
Modify contact details
Run saved searches
Export contactsThese financial roles would also be eliminated for an event coordinator:
Add/modify invoices
Record/modify payments
Settle/unsettle payment
Add/modify refunds -
Huw Morgan
commented
I just joined an organization and became an event manager. My mind was boggled by the access that I was granted. To be able to access all personal information (name, address, phone number) for all members is just not acceptable. It flouts every information security rule in the book. In order to get around this deficiency, we now have to have a tight group of event admins that respond to emails from event conveners because we can't grant them admin access without opening ourselves up to breaches of personal information. How do you get away with this?
-
Allison Morris
commented
Event Manager Administrator Role profile should have varying levels of permission. If levels are not available, an Account Administrator should be able to restrict access of an EVENT MANAGER administrator to specific events or limit to check-in only. Our events often involve a lot of volunteers that work check-in They don;t need access to create/manage ALL events. That is kinda scary:-)
-
Nina Cavanagh
commented
I hope there is somewhere a request under this subject to restrict Event Managers to their own event AND not allow them to touch the financials. Currently, an Event Manager has the same powers as our Treasurer - (who has to be a Donations Manager ???) which is extremely annoying to our Treasurer and potentially open to the Event Manager perpetrating fraud.
-
Webmaster
commented
Hi, thanks for the App. Our members and the organizers really love it. But as a main event manager of all our events, I would be happy if I could choose and reduce the rights of each event organizer. At the moment I have to give each organizer the full rights as an event manager - even when he only checks-in participants of his event via the App. Actual that means every organizer could modify or delete by mistake each event even it is not his own.
I would appreciate it if the event organizer (as set in the event emails) could manage only his own events.
If that will not be possible to realize I would appreciate it if I could choose the rights of each organizer. For example: can delete events, can edit, can add contacts (non-members) or can only check-in the participants.
That would be very helpful. -
Jason Yee
commented
Are there other wishlist items similar to this? I would love to give more access to event organizers in my organization, but it is not possible because allowing them to be event managers on the system also allows them to edit member data and view other financial information.
-
Randy Rensch
commented
I've already commented that this wish, maybe combined with the addition of a second Organizer (assistant, reservationist, whatever) would be firmly in the Top 5 of our organization's wishes, so I won't go on about how we would use it.
Meanwhile, for those here who mention that the Organizer of a single event should not receive emails regarding other events, note Support's advice that each event can have a separate organizer. But that still leaves a problem: Unless the Organizer is herself registered, she will receive all the promotional emails for it.
We have a privacy workaround that involves setting up an autoforward "event address" for each event, at our hosting service. After entering that event address in our Contacts list, it is then specified as the Event organizer. It's a Rube Goldberg scheme, and requires setup by someone trusted to access our hosting account (2-5 min chore for each address) but it works. We can forward simultaneously to the various managers in involved in the event (somewhat obviating the need for separate Manager, Organizer and Reservationist fields), and the Organizer's personal address is not broadcast to our entire mailing list. (However, unless a special Gmail (etc) account is used, it will be disclosed to Registrants who the Organizer contacts. The relevance to this thread (sorry for burying the lead!) is that unless the event address is configured to opt out of mass mailings, the Organizer will get all the promotional emails about ALL our events. Luckily that setup is very easy and a one-time thing.
Alternatively, if privacy is the only concern, maybe each Organizers could have their own Gmail address. I don't know offhand if Gmail can be configured to autoforward. If so, that would resemble our system. But without autoforwarding, accessing a special Gmail account would be yet more work for the Organizers and those who teach them. And it would be a ton of work for the Organization to create and configure many scores of Gmail accounts.
Maybe WA should think about ways to pull all these concerns and workarounds together within the WA system. If not, hopefully some of what I've described will be helpful to some here.
-
Doug, you can already change the event organizer for individual events. For details, see https://gethelp.wildapricot.com/en/articles/31#organizer
