Role-Based Access Control

Last updated: June 20, 2025 | Version: 1.0

Learn how to control user access through customizable roles that grant specific permissions, ensuring employees can access only the features and data relevant to their responsibilities.

Overview

Role-Based Access Control (RBAC) in Shifts allows administrators to assign users to specific roles that determine what they can see and do in the system. This ensures employees have access to the tools they need while maintaining data security and operational integrity.

Understanding Roles and Permissions

Role Types

The Shifts platform includes several built-in roles with predefined permissions:

  • System Administrator - Complete access to all features and settings across all businesses
  • Business Administrator - Full control of settings for their assigned business
  • Location Manager - Management capabilities for specific locations
  • Supervisor - Oversight of employee schedules and attendance
  • Employee - Basic access to personal schedules and time tracking

Organizational Roles

Beyond system roles, you can create organizational roles that reflect your company’s structure:

  • Department Manager
  • Team Lead
  • Shift Coordinator
  • Trainee

Each organizational role can have custom permission sets and report to defined roles in the hierarchy.

Setting Up Role-Based Access

Accessing Role Management

  1. Navigate to Admin Dashboard → Security → Roles & Permissions
  2. The roles dashboard displays existing roles and allows you to create new ones

Creating Custom Roles

  1. Click Create New Role
  2. Enter a descriptive name for the role
  3. Select the parent role in the hierarchy (optional)
  4. Configure permissions for the new role
  5. Save your changes

Assigning Permissions to Roles

Each role can be granted specific permissions across different areas:

  • Schedule Management - Create, edit, or view schedules
  • Employee Data - Access to personal information and work history
  • Time & Attendance - Approve time records, manage exceptions
  • Reporting - Access to different types of reports and analytics
  • Administration - System configuration capabilities

Permission Levels

For each feature, you can set one of these permission levels:

  • No Access - Feature is hidden from the user
  • View Only - User can see but not modify data
  • Edit - User can view and modify existing data
  • Create/Delete - User has full control including adding and removing data
  • Approve - User can review and approve/reject requests

Assigning Roles to Users

  1. Go to Admin Dashboard → Users
  2. Select a user to edit
  3. In the Roles & Permissions section, assign one or more roles
  4. For location-specific roles, select the applicable locations
  5. Save the changes

Role Inheritance and Hierarchy

Roles in Shifts can inherit permissions from parent roles:

  • Child roles automatically receive all permissions from their parent roles
  • Additional permissions can be added to specialized roles
  • If a user has multiple roles, they receive all permissions from each role

Managing Multi-Location Access

For businesses with multiple locations:

  1. Navigate to Admin Dashboard → Users → select a user
  2. In the Locations tab, assign the user to specific locations
  3. For each location, you can assign a different organizational role
  4. Save the changes

Permission Conflicts and Resolution

When users have multiple roles or location assignments:

  • Permissions are additive - the highest level of access is granted
  • Location-specific restrictions take precedence over global permissions
  • System-wide roles override location-specific restrictions
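The inheritance and conflict rules above can be checked against a small model before rolling out a role structure. This is an added example, not Shifts code. It assumes a lowest-to-highest ordering of the permission levels, treats a location restriction as a cap on the level, and lets any system-wide role held by the user lift that cap; the Role class and function names are hypothetical.

```python
# Added illustration: a model of the resolution rules described on this page,
# not the Shifts implementation. Level ordering and data shapes are assumptions.
from dataclasses import dataclass, field

# Assumed ordering, lowest to highest; the page lists the levels but no ranking.
LEVELS = ["No Access", "View Only", "Edit", "Create/Delete", "Approve"]
RANK = {name: i for i, name in enumerate(LEVELS)}

@dataclass
class Role:
    name: str
    perms: dict = field(default_factory=dict)  # area -> level granted directly
    parent: "Role | None" = None
    system_wide: bool = False

def role_perms(role):
    """Permissions of a role, including everything inherited from its parents."""
    merged, seen = {}, set()
    while role is not None and role.name not in seen:  # guard against cycles
        seen.add(role.name)
        for area, level in role.perms.items():
            if RANK[level] > RANK[merged.get(area, "No Access")]:
                merged[area] = level
        role = role.parent
    return merged

def effective(roles, area, location_cap=None):
    """Highest level across all roles; a location cap lowers the result
    unless the user also holds a system-wide role."""
    best, system = "No Access", False
    for r in roles:
        level = role_perms(r).get(area, "No Access")
        if RANK[level] > RANK[best]:
            best = level
        system = system or r.system_wide
    if location_cap is not None and not system and RANK[location_cap] < RANK[best]:
        return location_cap
    return best

# Constructed sample hierarchy, using role and area names from this page.
employee = Role("Employee", {"Schedule Management": "View Only"})
team_lead = Role("Team Lead", {"Time & Attendance": "Approve"}, parent=employee)
supervisor = Role("Supervisor", {"Schedule Management": "Edit"})
sysadmin = Role("System Administrator",
                {"Schedule Management": "Create/Delete"}, system_wide=True)
```

Running effective() for each user, area and location before an audit shows where stacked roles grant more access than any single role suggests.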

Best Practices

For optimal security and usability:

  1. Follow the principle of least privilege - Give users only the permissions they need
  2. Create role templates for common job functions to ensure consistency
  3. Audit role assignments quarterly to verify appropriate access
  4. Document your role structure for training and compliance purposes
  5. Test new roles with limited users before wide deployment

Related Resources

This article should be updated when:

  1. New system or organizational roles are added
  2. Permission categories or levels change
  3. The role management interface is modified
  4. Inheritance rules or conflict resolution logic changes