Custom Administrator Permissions - to define new admin roles and access permissions depending on an organization needs
Currently there are set administrator "roles." If an organization's administrators don't fall neatly into these roles, then they end up with either too many or not enough permissions. It would be nice to be able to customize administrator roles, and determine whether that type of admin has full access, read-only access, or no access to all of the items described in the tables on the Site Administrators help page. I.e. A page to create/edit a role with radio selection to determine access for that role for each feature of the site. This would be immensely helpful for reducing clutter for administrators that don't need to see certain features and menu tabs. http://help.wildapricot.com/display/DOC/Managing+site+administrators
John Oldland commented
yes this feature would be very helpful to our organisation, Allowing access to Membership details is too much access for administrators we want to manage only a particular member level. It would be great to be able to assign admin rights to specific levels and groups without compromising the entire data. Privacy is an issue at the moment.
Robin Sapiro commented
Did you perhaps see that email from Phil Dolan
Chief Marketing Officer
today at about 11:48 EDT telling us all how wonderful things are going to be?
(Sort of sounded like a politician telling us what he would do if we elected him - 'stretch goals for those of you who live in ON').
Anyway suggest replying to him with all the concerns.
Now sadly the reply to address is a generic address so who knows if he will see any responses.
Just a pity that a C suite executive hides behind a generic email address
We are WCE commented
YES! I love WA but this feature is really needed to make the experience better!!
Alex Sirota commented
One thing I can recommend is if you need someone to look at content throughout the system but not make changes use the Read Only role. For many this is good enough to make decisions as exports can be made. Once things are running there usually is no need to make changes at all, so if you cannot abide by allowing module administrators to have access to make changes, then just switch them to full admin- read only. It works great!
ANDY WEARMOUTH commented
This is an increasing issue around events and ability to edit contact data. Surely there can be something done to start tightening this up?
The bigger an organisation gets the more of an issue this becomes as tasks have to be delegated to many people. a busy operation will have lots of event organisers - and they shouldn't be able to change member data.
Please address this flaw in admin user permissions.
No updates here, sorry.
Daniel Friedman commented
Any development on this item since 2018 ?
Eric Brinsfield commented
Really need this, at least at some level. I don't want to give lots of people Event Manager rights, but I do want to permit some people to download the list of registrants for an event. In other words, read (to create reports or exports) but not create new events.
Brett Gallaway commented
Has the been any updates to this? This should be in the top of Wild Apricots priority list if you ask me. It scares me to death knowing how much access some of our admins have access to.
Scot McConnachie commented
Since there currently is no means of members having an ability to edit just their own complex events, we decided to use the honor system to encourage members to not edit others’ evens. We started to give them all Event Manager privileges....until we realized that the Event Manager could see all contacts, the detailed financial data of all members, and all of our organization summary financial reports. That was way too much information!
The granularity of administrative functions needs to be drastically increased. Since this granularity defines workflows it is a higher priority than most users realize.
Jean-Claude Gavrel commented
Absolutely! We are a Newcomers Club with over 25 group leaders that need only very narrowly defined access to create/monitor events and send group emails. They only serve for one year and therefore only have limited training. The risk of them damaging other parts of the system is quite high and we need their access restricted.
Barbara Belon commented
Another vote for customizable administrator roles! Totally agree that it is a matter of way too much access for my administrator that is in charge of only a subset of the members (easily identifiable via member Level).
Gaby Priolo commented
Allowing access to Membership details is too much access for administrators we want to manage only a particular member level. It would be great to be able to assign admin rights to specific levels and groups without compromising the entire data. Privacy is an issue at the moment.
Warren Marshall commented
this is exactly what the client requires at the least the ability to create another type of administrator that we could configure the same way as can be done with someone who does not have full administrator access. eg same as an event administrator but different name/handle. Perhaps "member level manager" to manage contacts but not with access to see all the attributes of a contact that a full administrator can see.
Robert Sylvester commented
Make Read-only access, read only. The fact that they can export the entire contact and membership lists is troubling.
They're also allowed to preform searches, make or delete (existing) saved searches.
Oddly enough, event and donation managers can't see the members panel, so in some ways read-only has more rights.
Robert Sylvester commented
Having a read only admin able to download the entire database, isn't read only. Can this be fixed?
Too many people with full admin rights can cause problems if one turns rogue. We have experienced this in the past where we had the complete site deleted. This was a major headache as WA do not keep a backup of the complete site.
The way around this, is of course, to be able to give people individual admin rights to manage their section of the site.
This will also give better control of the business of the association. Enabling the various Group Leaders to better manage their Group requirements. This without the potential to damage the whole site.
We have some +30 different Activity Groups within our Association. We wish the Leader of each Group to not only edit their individual site pages but also to email their individual Group members about upcoming activities
The restricted access system allows you to give the access to one or more of the Group pages. There does not appear to be a selection for emailing Group members.
At the moment my work around is to also give access to Event Management. In light of GDPR and allowing access to Membership details. This is too much access.
Any thought or recommendations or way forward, gratefully received.
Walt Bilofsky commented
Can you at least move Account Administrator (Read-only access) from the radio buttons down to the multiple choice Limited administrator list, where it belongs?
I tried to give my Treasurer the maximum access to financial information, which is the not quite applicable Donation Manager, and then let him do Quickbooks downloads by also checking Account administrator (Read-only access). Quickbooks downloads is only available to Full and Read-only admins.
But you don't let me give him both!
It beggars belief that if the Treasurer is to be able to change any financial data and do Quickbooks export, I have to give him full admin access. I hope I am misreading the documentation on this.