Permissions Reference
Permissions are stored as a bitmask on each role. The UI groups them into three sections when editing roles.
Team permissions
| Permission | What it allows |
|---|---|
| Manage Team | Edit team name, avatar, visibility; manage roles (with rank rules) |
| Manage Members | Invite, revoke, kick members; change roles (with rank rules) |
| Manage Billing | View invoices, edit billing profile, open Stripe portal, change plan |
| Create Spaces | Create new top-level spaces |
| Manage Spaces | Edit/delete any space in the team; team-wide space admin |
Space & page defaults
These apply team-wide as defaults for roles. Private spaces/pages still require explicit membership.
| Permission | What it allows |
|---|---|
| Read Spaces | View spaces and their contents |
| Write Spaces | Create pages inside spaces |
| Manage Spaces | Space settings, members, delete space |
| Read Pages | View decision lists and decision detail |
| Write Pages | Create/edit decisions (subject to lifecycle freeze) |
| Delete Pages | Archive/delete pages and decisions |
| Post Comments | Add comments on decisions |
| Upload Files | Attach files to decisions/comments |
| Manage Comments | Moderate or delete others’ comments |
Global authority
| Permission | What it allows |
|---|---|
| Administrator (Owner flag) | Full bypass — equivalent to Owner role |
Rank rules
When editing members or roles:
- You cannot modify users at or above your rank (except Owner).
- You cannot assign a role above your own rank.
- You cannot grant permission bits you do not hold (except Owner).
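The three rank rules as checks a server could run before applying a member or role change. This is an added example, not the app's own code. The bit positions, the numeric ranks (higher means more senior), the role object shape, the function names and the application of the rank comparison to role edits are all assumptions.

```javascript
// Added example. Bit positions, rank numbers (higher = more senior) and the
// role object shape are assumptions, not values taken from the product.
const Perm = Object.freeze({
  MANAGE_TEAM: 1 << 0,
  MANAGE_MEMBERS: 1 << 1,
  MANAGE_BILLING: 1 << 2,
  CREATE_SPACES: 1 << 3,
  ADMINISTRATOR: 1 << 30, // Owner flag: full bypass
});

const isOwner = (role) => (role.permissions & Perm.ADMINISTRATOR) !== 0;
const has = (role, bit) => isOwner(role) || (role.permissions & bit) === bit;
const deny = (reason) => ({ ok: false, reason });

// The actor (holding actorRole) moves a member from currentRole to newRole.
function checkMemberRoleChange(actorRole, currentRole, newRole) {
  if (isOwner(actorRole)) return { ok: true }; // "except Owner"
  if (!has(actorRole, Perm.MANAGE_MEMBERS)) return deny("missing Manage Members");
  if (currentRole.rank >= actorRole.rank) return deny("target at or above actor rank");
  if (newRole.rank > actorRole.rank) return deny("role above actor rank");
  return { ok: true };
}

// The actor replaces a role's bitmask with newPermissions.
function checkRoleEdit(actorRole, role, newPermissions) {
  if (isOwner(actorRole)) return { ok: true }; // "except Owner"
  if (!has(actorRole, Perm.MANAGE_TEAM)) return deny("missing Manage Team");
  // Assumption: the at-or-above rank rule is applied to roles as well as users.
  if (role.rank >= actorRole.rank) return deny("role at or above actor rank");
  const added = newPermissions & ~role.permissions; // bits being granted
  if ((added & ~actorRole.permissions) !== 0) return deny("grants bits actor does not hold");
  return { ok: true };
}

// Constructed sample roles.
const roles = {
  owner: { rank: 100, permissions: Perm.ADMINISTRATOR },
  admin: { rank: 50, permissions: Perm.MANAGE_TEAM | Perm.MANAGE_MEMBERS | Perm.CREATE_SPACES },
  billing: { rank: 20, permissions: Perm.MANAGE_BILLING },
  member: { rank: 10, permissions: Perm.CREATE_SPACES },
};

// An admin without Manage Billing tries to add it to the member role.
console.log(checkRoleEdit(roles.admin, roles.member, roles.member.permissions | Perm.MANAGE_BILLING));
```

Only newly added bits are compared against the actor's mask, so removing a bit the actor does not hold is not treated as a grant.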
Private spaces & pages
If a space or page is Private, the user must appear in that space’s or page’s member list even if their team role would otherwise allow access. Owner always bypasses this.
API vs UI
The app exposes effective permissions as myPermissions on team/space/decision payloads. The UI hides buttons (Create Space, Decision, Settings, Export, etc.) when the relevant bit is absent.