Settings & Configuration

Custom Roles

Custom roles let you create permission sets tailored to your organization's needs. While the 6 system roles cover common scenarios, custom roles provide fine-grained control for specialized workflows.

Who Can Create Custom Roles?

Only Organization Admins can create, edit, or delete custom roles. Branch Admins can view roles but cannot modify them.

Creating a Custom Role

Open Roles & Permissions

Navigate to Settings → Roles & Permissions. You'll see two tables: System Roles (read-only) and Custom Roles.

Click "Create Custom Role"

Click the Create Custom Role button above the custom roles table. A drawer opens with the role creation form.

Enter Role Details

Provide a name and optional description. The name must be unique within your organization.

Select Permissions

Use the permission tree to select specific permissions. Expand categories to see individual permissions. A badge shows the total count of selected permissions.

Save the Role

Click Create to save. The new role appears in the Custom Roles table and can now be assigned to users.

Role Form Fields

Field	Required	Type	Description
Role Name	Required	text	A descriptive name for the custom role (e.g., "Content Reviewer").
Description	Optional	textarea	Optional text explaining the purpose of this role.
Permissions	Required	tree-select	Select individual permissions from the permission tree. Permissions are grouped by category.

Managing Custom Roles

From the Roles & Permissions page, you can perform these actions on custom roles:

View Details — Click a role to see its name, slug, description, and full permission list
Edit — Modify the role name, description, or permissions. Changes apply immediately to all users with this role
Clone — Duplicate an existing role as a starting point for a new one. Useful for creating variations
Delete — Remove a custom role. Users assigned to this role will lose the associated permissions

Editing Active Roles

Changing permissions on a custom role affects all users who have that role assigned. Review the user list before making permission changes to avoid accidentally revoking access.

Common Use Cases

Content Reviewer — Can view and approve questions but not create exams (question:view, question:update)
Reports Analyst — Can view analytics and generate reports but not manage users (analytics:view, reports:view, reports:create)
Exam Coordinator — Can create and schedule exams but not grade them (exam:create, exam:update, exam:assign)
Read-Only Admin — Can view all data across branches but not modify anything (all :view permissions)

Start with Clone

Instead of building a custom role from scratch, clone the closest system role and remove the permissions you don't need. This is faster and less error-prone.

Roles & Permissions

Security Settings