Who is this article for?

Administrators troubleshooting permissions issues.

Administrator permissions are required to resolve issues.

This article is intended for administrators who are investigating unexpected permission behaviours for users in their organisation.

1. Issue

Permissions in the application are controlled by roles. Each role carries a large number of granular permissions. Users may be assigned a standard role or a custom role (a cloned and modified version of a standard role), and both of those may have the default role permissions changed.

When a user experiences unexpected behaviour, the cause is often subtle - a misconfigured role or a recently changed permission, rather than an obviously wrong role assignment.

If the issue persists after you've completed all the troubleshooting steps and considered all the additional information, open a ticket with us with the following information:

• The affected user's name and current role
• A permissions report (from the Permissions screen)
• The specific action or feature they cannot access, including any errors
• The steps you have already taken
• Whether the issue is isolated to one user or affects multiple users on the same role

2. Troubleshooting

Work through the following steps in order when a user reports a permissions problem.

2.1. Confirm the user's assigned role

Start by checking which roles the user currently has assigned. Do not assume the roles are what the user or a colleague reports - verify it directly in the properties panel for their user.

2.2. Determine whether the role is standard or custom

If the users roles are not modified, their behaviour is predictable and consistent. If roles have been changed, then this can lead to unpredictable results.  You can identify changed roles in the Permissions screen, where changed values are highlighted with a blue background.

2.3. Review the specific permission in question

Check the descriptions for updated permissions, to see whether they impact the behaviour in question.

2.4. Compare against a known-good role

If you are unsure whether a permission setting is correct, compare the user's role side-by-side with a standard role or another custom role that is known to work correctly. Look for any differences in the permissions related to the reported behaviour.

2.5. Check for recent changes to the role

If the user previously had access and has now lost it, check whether the role was recently edited. A change made to a role affects all users assigned to that role, which can cause widespread unexpected behaviour if not carefully managed.

2.6. Test with a standard role

If you are unable to identify the cause, temporarily assign the user a standard role and ask them to test the behaviour again. If the problem resolves, the issue is specific to their role. If the problem persists, the issue may lie elsewhere.

3. Additional information

3.1. Permissions appear correct but behaviour is still wrong

Consider the following possibilities:

• Whether a user is assigned to an Audit. If a user is not assigned to an Audit then they will be picking up the Unassigned roles.
• Feature-level restrictions. Some features may be restricted at a level above individual permissions - this is particularly the case where the customer is using the Small Teams Edition, which hides certain functionality

3.2. Custom roles after cloning

When a standard role is cloned, the copy is an independent snapshot taken at the time of cloning. It does not automatically inherit future updates made to the original standard role. If a standard role is updated and a custom role based on it begins behaving inconsistently, review the custom role's permissions manually and update them as needed.

3.3. Changes affect all users on the role

Any change made to a custom role applies to every user assigned to that role. Before editing a shared custom role to fix one user's issue, consider whether the change might have unintended consequences for others. Where in doubt, clone the role again and assign only the affected user to the new copy while you investigate.