Custom Administrator Permissions - to define new admin roles and access permissions depending on an organization needs
Currently there are set administrator "roles." If an organization's administrators don't fall neatly into these roles, then they end up with either too many or not enough permissions. It would be nice to be able to customize administrator roles, and determine whether that type of admin has full access, read-only access, or no access to all of the items described in the tables on the Site Administrators help page. I.e. A page to create/edit a role with radio selection to determine access for that role for each feature of the site. This would be immensely helpful for reducing clutter for administrators that don't need to see certain features and menu tabs. http://help.wildapricot.com/display/DOC/Managing+site+administrators
Alex Sirota commented
One thing I can recommend is if you need someone to look at content throughout the system but not make changes use the Read Only role. For many this is good enough to make decisions as exports can be made. Once things are running there usually is no need to make changes at all, so if you cannot abide by allowing module administrators to have access to make changes, then just switch them to full admin- read only. It works great!
ANDY WEARMOUTH commented
This is an increasing issue around events and ability to edit contact data. Surely there can be something done to start tightening this up?
The bigger an organisation gets the more of an issue this becomes as tasks have to be delegated to many people. a busy operation will have lots of event organisers - and they shouldn't be able to change member data.
Please address this flaw in admin user permissions.
No updates here, sorry.
Daniel Friedman commented
Any development on this item since 2018 ?
Eric Brinsfield commented
Really need this, at least at some level. I don't want to give lots of people Event Manager rights, but I do want to permit some people to download the list of registrants for an event. In other words, read (to create reports or exports) but not create new events.
Brett Gallaway commented
Has the been any updates to this? This should be in the top of Wild Apricots priority list if you ask me. It scares me to death knowing how much access some of our admins have access to.
Scot McConnachie commented
Since there currently is no means of members having an ability to edit just their own complex events, we decided to use the honor system to encourage members to not edit others’ evens. We started to give them all Event Manager privileges....until we realized that the Event Manager could see all contacts, the detailed financial data of all members, and all of our organization summary financial reports. That was way too much information!
The granularity of administrative functions needs to be drastically increased. Since this granularity defines workflows it is a higher priority than most users realize.
Jean-Claude Gavrel commented
Absolutely! We are a Newcomers Club with over 25 group leaders that need only very narrowly defined access to create/monitor events and send group emails. They only serve for one year and therefore only have limited training. The risk of them damaging other parts of the system is quite high and we need their access restricted.
Barbara Belon commented
Another vote for customizable administrator roles! Totally agree that it is a matter of way too much access for my administrator that is in charge of only a subset of the members (easily identifiable via member Level).
Gaby Priolo commented
Allowing access to Membership details is too much access for administrators we want to manage only a particular member level. It would be great to be able to assign admin rights to specific levels and groups without compromising the entire data. Privacy is an issue at the moment.
Warren Marshall commented
this is exactly what the client requires at the least the ability to create another type of administrator that we could configure the same way as can be done with someone who does not have full administrator access. eg same as an event administrator but different name/handle. Perhaps "member level manager" to manage contacts but not with access to see all the attributes of a contact that a full administrator can see.
Robert Sylvester commented
Make Read-only access, read only. The fact that they can export the entire contact and membership lists is troubling.
They're also allowed to preform searches, make or delete (existing) saved searches.
Oddly enough, event and donation managers can't see the members panel, so in some ways read-only has more rights.
Robert Sylvester commented
Having a read only admin able to download the entire database, isn't read only. Can this be fixed?
Too many people with full admin rights can cause problems if one turns rogue. We have experienced this in the past where we had the complete site deleted. This was a major headache as WA do not keep a backup of the complete site.
The way around this, is of course, to be able to give people individual admin rights to manage their section of the site.
This will also give better control of the business of the association. Enabling the various Group Leaders to better manage their Group requirements. This without the potential to damage the whole site.
We have some +30 different Activity Groups within our Association. We wish the Leader of each Group to not only edit their individual site pages but also to email their individual Group members about upcoming activities
The restricted access system allows you to give the access to one or more of the Group pages. There does not appear to be a selection for emailing Group members.
At the moment my work around is to also give access to Event Management. In light of GDPR and allowing access to Membership details. This is too much access.
Any thought or recommendations or way forward, gratefully received.
Walt Bilofsky commented
Can you at least move Account Administrator (Read-only access) from the radio buttons down to the multiple choice Limited administrator list, where it belongs?
I tried to give my Treasurer the maximum access to financial information, which is the not quite applicable Donation Manager, and then let him do Quickbooks downloads by also checking Account administrator (Read-only access). Quickbooks downloads is only available to Full and Read-only admins.
But you don't let me give him both!
It beggars belief that if the Treasurer is to be able to change any financial data and do Quickbooks export, I have to give him full admin access. I hope I am misreading the documentation on this.
Walt Bilofsky commented
Good idea, Evgeny.
For those interested in following that public Roadmap discussion, the new thread is https://forums.wildapricot.com/forums/308932-wishlist/suggestions/35539993
AdminEvgeny Zaritovskiy (VP Technology of Wild Apricot by Personify, Wild Apricot by Personify) commented
@Walt, Robin - I have deleted your comments on Public roadmap from here and moved them to a separate new thread.
Richard Poling commented
The site administrator having the capability to create customized settings for additional administrative categories would solve the problem that I also voted for in suggesting the creation of a Communications manager category in another section of the Wishlist Forum. Being able to customize the access to various tasks would be great, especially in the case of such positions as newsletter editors, committee chairs, etc., who shouldn't have access to other areas or functions of the website.