1. Good Grants Help Centre
  2. Open award
  3. 03. User roles and management

Ultimate guide to user roles

Alex Bon Ami
Updated

What are roles?

In Good Grants, a user's role dictates which areas of the platform that user has access to and what actions they are able to take in those locations. Certain default roles are provided when your account is created, though custom roles may be configured if necessary. These roles and their associated permissions can be found and edited in the Manage workspace under Settings > Users > Roles

Default account roles

Good Grants provides a series of default roles that fit most programs' needs. These roles are: 

 Role What can this role do? 

Grant manager
  • Has access to every workspace in Good Grants
  • Can add other users as reviewers, chapter managers, or grant managers
  • Can see all data, including hidden fields and reviewer comments
 Applicant
  • Has access to the Apply workspace
  • Can view own applications only
  • Can create and submit own applications
  • Can vote if necessary permission is given
  • Is the default role for registration
Reviewer
  • Has access to the Review workspace
  • Can only see and score applications assigned to them
  • Can only see their own scores unless permissions are changed
  • Cannot see scores of other reviewers unless relevant permissions are given
Lead reviewer
  • Has access to the Review workspace
  • Standard on new accounts but can be configured for legacy accounts
  • Can see and score applications assigned to them
  • Can see their own scores and those of other reviewers
Voter
  • Can only see and vote on applications assigned to them in the Review workspace
  • Can only remove their votes if the score set has been configured to allow it
Guest
  • Has access to the Guest workspace
  • Can be enabled on any account
  • When given the Scores (own) View permission, guests can view galleries
  • Should not be given to registered users
Bookkeeper
  • Has view access to grants, funding, and orders in the Manage workspace
  • Can configure payments
Auditor
  • Has view access to most management areas in the Manage workspace
  • Cannot create or make edits

Create custom roles

Your program may have a set of unique requirements that the default roles may not fit. In these cases, you can create your own custom roles within the platform. 

Important: changing permissions incorrectly may affect the integrity of your program. Please contact Good Grants support if you are not sure about updating or creating a new role.
  1. In the Manage workspace, navigate to Settings > Users > Roles
  2. Click New role
  3. Provide a name for your new role; i.e. "Intern" or "Voter"
  4. Select the checkboxes associated with each area of the platform you wish to give users with this role access to
    Tip: to provide more granular permissions, click Advanced and then choose to 'Deny' or 'Allow' the role permissions as needed (more on what those mean below)
    Advanced
  5. Save

What do 'Deny' and 'Allow' permissions mean?

 Permission  What does this mean?
Deny

'Deny' is the only permission which overrides other permissions for a given resource, even if another role is set to ‘allowed’.

Note: we don't recommend to use the 'Deny' permission as it can prevent a user from accessing parts of the platform if other roles are assigned.
 Allow

 Users of this role are allowed access. 


Commonly given role permissions

 Permission  What does this mean? Which role it applies to by default? Who else can this be applied to?
Scores (own) Anyone who has this permission can see their own score.  This permission is applied to the reviewer role by default. Reviewers can create view, update and delete their own score.

This permission can be given to managers, voter, guest, and applicant role to be able to vote (or score).

 
Scores (others) Anyone who has this permission can see others' scores.  This permission is applied to the grant manager role by default. The grant manager can see scores scores from all reviewers.

1) This permission can be given to lead reviewers so they can see scores from other reviewers.

Note: access to the leaderboard is global and not restricted to the panel(s) the lead reviewer is on.

2) This permission is required to be set when 'Share scores' setting is on in the score set. Share scores allows reviewers to see scores & comments from other reviewers on the entry.

 
Applications (own)  Anyone who has this permission can see their own entry.  This permission is applied to the applicant role by default. The applicant can create, view, update and delete their own entry.   Any role who needs to be able to create & submit an entry 
Applications (others)  Anyone who has this permission can see others' applications This permission is applied to the grant manager and chapter manager roles by default.  

The grant manager can access all applications under Applications > Manage applications

The chapter manager can access applications from their own chapter only.

A new role created who needs access to applications. Can be a PR person or an agency helping the client to collate data from the entry.
Important: changing permissions incorrectly may affect the integrity of your program. Please contact Good Grants support if you are not sure about updating or creating a new role.

Configure role registration

The registration form on the home page is the default registration form which, once completed, grants the default role (usually an applicant role) to the user. Additional registration forms can be configured to allow public or registered users to complete specified user information to register for another role.

To set up role registration, follow these five simple steps:

Step 1: create a role to be granted on successful registration

  1. From the Manage workspace, go to Settings > Users > Roles
  2. Click New role
  3. Give the role an appropriate name
  4. Click the checkbox Registration form for this role is active
  5. On the right, set permissions that will be granted with the role
    Note: for security reasons, only limited permissions are available to roles for which a public registration form is active.
  6. Save the role

Step 2: configure fields to be collected with registration (if applicable)

Navigate to Settings > Users > Fields and configure user fields for each piece of information you want to collect on this role registration form

Note: any other user fields that are set to apply to All roles will also be shown on this role registration form. If you don't want other existing user fields to be displayed on this registration form, change the roles the other user fields apply to.

Step 3: create content to be displayed on the role registration form (optional, but recommended)

  1. Go to Settings > Content > Content blocks
  2. Click New content block
  3. In the Content location drop-down, select Role registration form
  4. Add a relevant title and content
  5. Save

Step 4: create content to be displayed on a page after role registration is complete

  1. Navigate to Settings > Content > Content blocks
  2. Click New content block
  3. For the Content location, set Role registration completed
  4. Add a relevant title and content
  5. Save

Step 5: finalise the form

  1. Go back to Settings > Users > Roles and open the role you created
  2. Under Content block for registration form you can now select the content block you just configured
  3. Under Content block for registration completion you can now select the content block you just created
  4. You will now also see there is a Form URL displayed for the role that can be shared with users you wish to register for the role

If you wish to configure a specific role registration email for these users, you can do so by selecting the 'Role granted' trigger when setting up the notification.  Once this trigger has been chosen, select the Notification applies to some roles radio button and choose your custom role. Continue configuring your notification as normal. For more details, see: Ultimate guide to notifications

Note: the standard 'User registered' notification goes to all roles. If you want home page registration to trigger a notification to applicants only, change the trigger to 'Role granted' and select the applicant role.
Important: to comply with local regulations, SMS messages cannot be sent to numbers registered in Singapore or to UAE residents between the hours of 9pm and 7am. 

Additional configuration options

When editing or configuring roles, there are a few other options to note:

Default role for home page registration

This option allows for the selected role to become the default role given to new users that register for the platform. For example, you may set a voter role as the default after applications have concluded and are set to be evaluated in a voting judging stage. 

Guest account role for anonymous users

Guest users can be given a limited number of permissions that allow them to, for example, view a public gallery. These guest users are not registered with your account. 

Require multi-factor authentication 

You can require users with the selected role to verify their identity at login via multi-factor authentication (MFA). To learn more about this option, see: Multi-factor authentication.

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more