User Roles and Permissions

General For All Users User Management
Last updated: January 26, 2026 • Version: 3.0
Table of Contents

User Roles and Permissions

Learn how to effectively configure and manage user roles in MangoApps. This guide covers Organizational Roles (which control permissions and access), and Job Functions (which determine scheduling eligibility). Understand how to assign roles to users and optimize your organization’s workflow with proper access control.

Overview

MangoApps uses a streamlined role system that allows you to define exactly what each user can see, do, and what work they perform. This article explains how to understand, configure, and manage user roles to maintain proper security while enabling efficient operations.

Understanding the Two Types of Roles

MangoApps includes two distinct types of roles that work together:

1. Organizational Roles (Permissions & Access)

Organizational roles determine what features a user can access and their level of authority within your organization. There are two categories:

Default Roles (Pre-configured)

These are the foundation of your permission system and cannot be deleted:

Role Description Typical Permissions
Super Admin Complete access to all features and settings All permissions (cannot be modified)
Administrator Full operational access to manage users, schedules, and settings Organization settings, user management, all operational features
Manager Operational oversight with team management capabilities Team operations, analytics, performance scores, EPMS features
Member Regular employees with self-service permissions Own shifts, attendance, timesheets, and profile

Custom Roles (Business-specific)

You can create custom roles to match your organizational hierarchy:

  • Examples: Director, Regional Manager, District Manager, Location Manager, Supervisor
  • Purpose: Fine-grained permission control for specific job functions
  • Hierarchy Levels: Lower numbers = higher authority (Level 2 is above Level 7)

2. Job Functions (Scheduling & Operations)

Job Functions define what type of work a user performs and their scheduling eligibility:

  • Industry-Specific Examples:
    • Healthcare: Registered Nurse, Licensed Practical Nurse, Medical Assistant
    • Retail: Cashier, Sales Associate, Stock Associate, Shift Supervisor
    • Food Service: Cook, Server, Host, Kitchen Manager
    • General: Manager, Supervisor, Team Lead, Staff

Purpose: Determines shift assignments, skill requirements, and operational work functions.

Key Differences Between Role Types

Aspect Organizational Roles Job Functions
Purpose Permissions & access control Scheduling & operations
Focus What they can see and do in the app What work they perform
Used For Feature access, approvals, admin functions Shift assignments, skills matching
Examples Administrator, Manager, Member, Supervisor Cashier, Nurse, Cook, Server
Customization Default + custom roles with permissions Business-specific job types

How Roles Work Together

A user typically has both an Organizational Role and a Job Function assigned:

Example: Store Shift Supervisor

  • Organizational Role: Manager (can access team management features, view schedules, manage attendance)
  • Job Function: Shift Supervisor (can be scheduled for supervisory shifts, has retail skills)

This combination allows them to:

  1. Access management features in the application (Organizational Role)
  2. Approve time-off requests for their team (Organizational Role permissions)
  3. Be scheduled for supervisory shifts (Job Function)

Managing Organizational Roles

Accessing Roles & Permissions

  1. Navigate to Administration → Roles & Permissions
  2. You’ll see a unified list showing all roles:
    • Default roles are marked with a “Default” badge and cannot be deleted
    • Custom roles can be edited or deleted as needed

Creating Custom Roles

  1. Click New Custom Role
  2. Enter role details:
    • Name: Clear, descriptive role name
    • Description: Role responsibilities and scope
    • Hierarchy Level: Numerical level in your structure (lower = higher authority)
  3. Click Manage Permissions to configure what the role can access
  4. Activate the role when ready

Configuring Permissions

For each role, you can configure permissions for various features:

Feature Area View Permission Manage Permission
Shifts View schedules Create/edit shifts, manage scheduler
Attendance View attendance records Manage attendance, handle exceptions
Timesheets View timesheets Approve/edit timesheets
Leave Requests View leave requests Approve/deny leave requests
Compliance — Manage labor law compliance
Organization Settings — Configure business settings
System Configurations — Manage system-wide settings

Managing Job Functions

Accessing Job Functions

  1. Navigate to Organization Settings → Job Functions & Skills
  2. Click Manage Job Functions

Creating Job Functions

  1. Click Add Job Function
  2. Enter the job function name (e.g., “Cashier”, “Registered Nurse”)
  3. Optionally assign required skills or certifications
  4. Save the job function

Assigning Roles to Users

Simplified Role Assignment

When creating or editing a user, you’ll see a single Role dropdown that shows all available organizational roles:

  1. Navigate to Organization Settings → Users
  2. Select a user to edit or click Add New User
  3. In the Role field, select from the dropdown:
    • Default roles are marked with “(Default)”
    • Custom roles appear without a suffix
  4. Select the user’s Job Function for scheduling purposes
  5. Click Save

Bulk Role Assignment

To change roles for multiple users at once:

  1. Navigate to Organization Settings → Users
  2. Select multiple users using the checkboxes
  3. Click Bulk Edit Selected Users
  4. Select Change Role from the action dropdown
  5. Choose the organizational role from the dropdown
  6. Click Apply Changes

Understanding Role Display

In User Listings

Users display their organizational role as a colored badge:

  • The role name appears prominently in the user list
  • Job Function appears in the user’s profile details

In User Profiles

  • Role: Shows the organizational role (e.g., “Manager”, “Administrator”)
  • Job Function: Shows what work they can be scheduled for

Role Hierarchy and Permissions

How Default Roles Compare

Permission Area Super Admin Administrator Manager Member
All Features ✅ — — —
Organization Settings ✅ ✅ — —
User Management ✅ ✅ View only —
Team Operations ✅ ✅ ✅ —
Analytics ✅ ✅ ✅ —
Performance Scores ✅ ✅ ✅ —
EPMS Features ✅ ✅ ✅ —
Own Profile/Shifts âś… âś… âś… âś…

Custom Role Hierarchy

Custom roles use numerical hierarchy levels:

  • Level 1: Highest authority (typically reserved for executives)
  • Level 2-3: Senior management (Directors, Regional Managers)
  • Level 4-6: Middle management (District Managers, Location Managers)
  • Level 7+: Supervisory roles

Users with lower hierarchy numbers have authority over users with higher numbers.

Setting Up Your Role Structure

Step 1: Plan Your Hierarchy

Before creating roles, map out your organizational structure:

  1. List all management levels in your organization
  2. Assign hierarchy levels (1 = highest authority)
  3. Identify reporting relationships
  4. Determine what permissions each level needs

Step 2: Use Default Roles First

Start with the four default roles before creating custom ones:

  • Super Admin: For business owners and IT administrators
  • Administrator: For HR managers and operations directors
  • Manager: For team leads, supervisors, and department managers
  • Member: For all regular employees

Step 3: Create Custom Roles (If Needed)

Only create custom roles if the default roles don’t meet your needs:

  1. Navigate to Administration → Roles & Permissions
  2. Click New Custom Role
  3. Configure permissions specific to that role’s responsibilities
  4. Set the appropriate hierarchy level

Step 4: Define Job Functions

  1. Navigate to Organization Settings → Job Functions & Skills
  2. Add job functions that match your operational needs
  3. Consider industry requirements and scheduling needs

Common Role Configuration Examples

Retail Store Example

Store Manager

  • Organizational Role: Manager
  • Job Function: Store Manager

Shift Supervisor

  • Organizational Role: Manager (or custom “Supervisor” role with limited permissions)
  • Job Function: Shift Supervisor

Sales Associate

  • Organizational Role: Member
  • Job Function: Sales Associate

Healthcare Example

Charge Nurse

  • Organizational Role: Manager
  • Job Function: Registered Nurse

Staff Nurse

  • Organizational Role: Member
  • Job Function: Registered Nurse

Medical Assistant

  • Organizational Role: Member
  • Job Function: Medical Assistant

Best Practices

Role Assignment Best Practices

  1. Start with Default Roles: Use the built-in roles before creating custom ones
  2. Follow Least Privilege: Grant only the permissions needed for each role
  3. Align with Reality: Organizational roles should reflect your actual management structure
  4. Use Bulk Assignment: For efficiency when updating multiple users

Role Management Best Practices

  1. Review Quarterly: Audit role assignments and permissions regularly
  2. Document Your Structure: Maintain clear documentation of your role hierarchy
  3. Test Before Deploying: Test new custom roles with a small user group first
  4. Maintain Admin Access: Ensure at least two users have Super Admin role

Common Pitfalls to Avoid

  • Don’t confuse Job Functions with Organizational Roles: Job Functions are for scheduling, Organizational Roles are for permissions
  • Don’t create too many custom roles: Keep your structure as simple as possible
  • Don’t forget to activate roles: New custom roles are inactive by default
  • Don’t skip the hierarchy level: Custom roles need proper hierarchy levels to work correctly

Troubleshooting Role Issues

User Can’t See Expected Menu Items

  1. Check their Organizational Role - this controls feature access
  2. Verify the role has the required permissions enabled
  3. Check if the System Module is enabled (e.g., Shifts & Scheduling)
  4. See Understanding Navigation Visibility for detailed troubleshooting

User Can’t Approve/Manage Others

  1. Check their Organizational Role permissions
  2. Verify hierarchy levels - they need a lower number than subordinates
  3. Check if they have the “manage” permission for the relevant feature

User Can’t Be Scheduled for Shifts

  1. Check their Job Function - this controls scheduling eligibility
  2. Verify they have required skills for that job function
  3. Ensure the job function exists in your business settings

This article should be updated when:

  1. Default role permissions change
  2. The role assignment interface changes
  3. New job function features are added
  4. The roles & permissions interface is updated
  5. Permission inheritance features change
  6. New bulk assignment features are added
  7. Role display formats change in the UI
  8. New permission feature keys are added
Article ID: user_roles
Related Articles
Role-Based Access Control
Learn how to control user access through customizable roles that grant specific permissions, ensuring employees can access only the features and data relevant to their responsibilities.
Understanding Navigation Visibility and Role-Based Access Control (RBAC)
Learn why different users see different menu items in MangoApps. This article explains the three factors that control navigation visibility: User Role Level, System Modules, and Permissions (RBAC). Understand how to configure access and troubleshoot when users can't see expected features.
Setting Up Locations
Learn how to create, organize, and configure locations in the Shifts platform to create an efficient hierarchical structure that matches your organization's needs.
User Access Audit
Learn how to use the comprehensive user access audit features in the Shifts platform to monitor user activity, track security events, ensure compliance, and maintain a secure work environment.
Creating Custom Roles
Learn how to create and manage custom organizational roles in MangoApps, define their permissions, and establish hierarchical relationships to create a role structure that matches your organization's needs.