Skip to main content

Managing users, roles and permissions

  • Updated

Contents

Introduction

Users are people with increased ChMeetings account permissions, compared to Members. 

All information about users and their permissions can be found under the Users & Roles module.

Export existing users 

You can export it by clicking the Export button at the top right of the Users module. This will automatically download a spreadsheet that includes essential user information: Name, Mobile Phone, Email, Ministry Name, Role, Status, Last Access Date and Username.

1_users_and_roles_module.png

Manage existing users

Edit a user

To edit a user:

  • Go to Users & Roles > Users.
  • Find the user in the list. 
  • Click the options button next to the user, then select Edit

2_edit_user.png

  • You can now edit the user’s email and username.
  • You can also configure the user’s password yourself, or tick Generate Password to allow the system to generate it for you. In this case, you will not be able to see it.
  • If you create the password yourself, you can choose not to send the account information to the user. If you generate the password, the option will be automatically enabled and will be uneditable. When this option is enabled, the user will be emailed with the information they require in order to log into their account.
  • Click Save when you are done editing.

3_edit_user_options.png

Delete a user

To delete a user, click the options button next to their record, then select Delete

4_delete_user.png

Please confirm your choice by clicking again on Delete. Click Cancel if you no longer want to delete.

5_confirm_user_deletion.png

Edit the role of a specific user

To edit an existing user’s role, click the options button next to their record, then select Roles. You can use the filters at the top of the list if you like to filter by ministry or role, or to search by name.

8_select_edit_roles.png

You will now be shown the current role fulfilled by the user. You can edit it using the Edit (pencil) icon.

9_user_role.png

You can now select which role you would like to assign to this person. The list of roles will display all roles available under your church account, whether default or custom. Click Save when you are ready.

10_edit_user_role.png

If you want to assign someone as a Group Leader, please also select the group(s) they are leading. You can assign any user as a Group Leader, including the Account Owner.

11_assign_group_leader.png

 

Assign multiple roles

Role Type Considerations

You cannot assign two roles of the same type (Account-Level roles) to the same person within the same ministry or account. This is by design, as it would create a conflict in permissions and role hierarchy.

You are able to assign a Group Leader role alongside an Account-Level role. This is allowed only because Group Leader is a different role type (not an Account-Level role) and does not create such a conflict.

However, keep in mind that when a Group Leader role is assigned in addition to an  Account-Level role, the Account-Level role will take precedence, and the Group Leader role will be considered honorary. Therefore, for example, if the Account-Level role has permission to view a specific module (e.g. Accounting), but the Group Leader role does not, the user who was assigned both roles will have access to the module because the Account-Level role grants it. 

The Role Type can be found and configured by going to Users & Roles > Roles & Permissions > Add / Edit Role.

 

 

When a user is already assigned an Account-Level role, then no role of this type will be available to assign to the same user. The list will only contain Group Leader roles. In the example below, the user is already a Treasurer, which is an Account-Level role, so they can only be assigned as a Group Leader or Sunday School Class Leader.


 

Workaround

You can work around this scenario by creating a custom role for specific users to whom you grant access to two Account-Level roles. 

  1. Go to Users & Roles > Roles & Permissions > Add Role.
  2. Create a new custom role, and include all the necessary permissions you want this person to have, combined into this one role. See Add a user role,  below, for details.
  3. Then, go to Users & Roles > Users, edit the relevant user, and assign this new custom role instead of their current one.

 

Steps to Assigning Multiple Roles to the Same User

You can assign multiple roles to someone by clicking the Add Role option, within their Roles editing window. 

12_add_roles.png

You will then be able to add a ministry and the role that you’d like to assign to the person within it. You can assign multiple roles within the same ministry (for example, Admin and Group Leader). Save the new role when ready.

13_multiple_roles..png

All roles assigned to a user will be displayed as shown below. 

14_roles_list.png

 

Reset Two-Factor Authentication for a user

If you are the account owner, or an administrator, then you can reset 2-factor authentication for other users. 

To reset 2FA for a user, within Users & Roles > Users, find the user in question, and select Reset 2FA in their corresponding context menu.

You will be asked to confirm your choice.

On their next login, the user must set up 2FA all over again.

 

Edit the permissions of a specific user

Permissions can be edited at the User Role level, not for individual users. 

To edit the permissions granted to a user role, please see the Manage user roles section, found below.

Communicate to users

If you would like to communicate to a user, you can do so by clicking the options button next to their record, then by selecting Text People, Email People or Send Notification. Notifications can only be sent to people who have installed the mobile app and are logged into it.

6._communication.png

Manage user roles

Default roles hierarchy

The default user roles hierarchy within ChMeetings are: 

    • Owner: The main ChMeetings account owner(s).
    • Admin: People who manage the church account or a ministry.
    • Account-Level Users for whom the Role Type is set to Account.
    • Group Leaders: People who lead groups of members or their Role Type is set to Group Leader..
    • Members: Your general congregation, who can have access to their own ChMeetings accounts if you enable the Member Portal.

These roles can all be edited and adjusted to your needs. You can also add new, custom roles to this default list of options.. 

Add a user role

To add a new user role: 

  • Go to Users & Roles > Roles & Permissions.
  • Click on Add Role.

15_add_role.png

You can now add a name, role type and permissions for your custom user role. 

16_new_role_options.png

Copy an existing role

This feature is useful if you need to create a custom role that inherits most of the permissions of an existing role. This way, the process is faster because all you need to do is make a few changes.

All roles can be copied, except for the Owner. Top copy a role, click the options button next to it, then select Copy Role

17_copy_role.png

This will open in the editing window, where you can adjust and save the new role. Please note that some permissions may not be editable, depending on the Role Type. The Role Type itself is also uneditable when copying an existing role - it will be automatically set to the type of role you are copying.

18_customize_copied_role.png

 

Copy the Admin Role and Grant Access to Ministries

When you copy the Admin role, the new role inherits all permissions associated with the role being copied. You can disable any permission as you see fit. Additionally, roles created as copies of the Admin role let you decide whether the new role has access to all ministries, including child/subsidiary ministries. If you turn on Allow access to all child ministries,  users will gain access to all subsidiary ministries that fall under their assigned ones.  

If you keep this option turned off, users will only have access to the primary ministries they are assigned to.

copy-admin-child-ministry-access.png

Delete roles

It is only possible to delete custom roles. Default roles cannot be deleted. In addition, there has to be no user assigned to the role in question.

To delete a custom role, please click the options button next to it, then click Delete. If the option is not visible, this means that you are trying to remove a default role. 

19_delete_role.png

Please confirm your choice by clicking again on Delete. Click Cancel if you no longer want to remove the role.Please note that deleted roles cannot be resotored.

20_confirm_delete_role.png

If a role has users assigned to it, you will not be allowed to delete it. Please assign the users to a different role before deleting. Please see Editing the role of a specific user above in this article. 

20a.png

List of user permissions

General information

User permissions are organized by modules and differ by role type

  • Owners and Admins are assigned to the “Account” role type.
  • Group Leaders are assigned to the Group Leader role type. 

You can restrict access to an entire module, by keeping all permissions unchecked. You can also uncheck specific features to disable them. To grant access to all features, simply check all the boxes.

The most important permissions

  • View: Users can view information in read-only mode.
  • Add: Users can add new information within a module.
  • Edit: Users can both view and edit information within the selected module.
  • Delete: Users can remove information from within the selected module.

People

Decide if the users assigned to this role type have access to information in people’s profiles and related features. For permissions related to profile fields, you can choose whether to Enable Profile Field security for the role. If you would like to keep all fields enabled and editable, please keep the toggle turned OFF. If you want to restrict access to part of the fields, please turn the toggle ON and check the permissions of each field.

You can set the following permissions related to People:

  • View: Allow viewing the People section profiles.
  • Add: Users can add new profiles.
  • Edit: Let users edit profiles.
  • Delete: Allow deleting profiles.
  • SMS: Users can send SMS to people.
  • Merge: Provides access to the Merge People feature.
  • Import: Provides access to the Import People feature.
  • Email: Let users email people.
  • Notification: Users can send push notifications to people.
  • Archive: Users can use the Archive People feature.
  • Letter: Let users create a letter from the People profile fields using Export > Letter. 
  • Export: Allow users to export records from the People section.
  • Reports: Provide access to the Reports section.
  • Advanced Search: Enable the Advanced Search feature within the People section.
  • Communicate with Parents: Enable the option to Communicate with Parents when sending emails, SMS or push notifications.
  • Communicate with Children: Enable the option to Communicate with Children when sending emails, SMS or push notifications.

You can set the following permissions related to People Notes:

  • View: Allow viewing the Notes section on People profiles.
  • Add: Users can add new notes on people profiles.
  • Edit: Let users edit profile notes.
  • Delete: Allow deleting profile notes.

 

Ministries

Here is where you can allow or restrict the user role type from adding, editing, and deleting ministries; or adding or removing existing people to/from ministries. 

22_ministry_permissions.png

 

Groups

This is where you can allow or restrict people from adding, editing, or removing groups. Admins, Owners, and custom roles may be granted permission to View, Add, Edit, and Delete, as well as to Manage Requests to join the group..

 

Group Leaders may be granted permission to Edit Groups (Name, Description, and Photo), Add existing people to groups and Remove people from groups.

 

Events

This section includes permissions related to event management. Some special permissions include: 

  • View events.
  • Add/Edit lets the user add or edit events. This permission is available for Group Leaders and allows them to add or edit events within their group.
  • Delete allows users to delete events. This option is also available to group leaders, who can be allowed to delete the events they created within their group.
  • View attendance: grants access to lists of people who register or attend an event.
  • Check In: enables the event check in feature.
  • Registration: gives the user permission to register people to events.
  • Cancel registration: allows the user to cancel any event registration.
  • Reports: enables access to the reports that relate to events (e.g.: event attendance rate).
  • Volunteers: provides access to the Volunteers module, to allow users to manage volunteer activities. This permission can also be enabled for Group Leaders.
  • Ticket Payments: allows users to enable the Ticket Payments option for events. If this option is disabled for a role, assigned users cannot create paid events.
  • Service Plan allows users to access the Service plan feature within the Events module. If this is disabled, users will not be able to create  or view Service Plans.

 

Follow up

 

These permissions relate to the follow-up module, and you can allow or restrict people from adding, viewing, editing, or removing follow-ups. In addition, you can set view permissions according to the specific assignment of follow-ups, and grant users permission to modify follow-up actions..

 

Forms

You can allow users to view their own forms or all forms. Additionally, you can decide whether users with the particular role you’re working with can add, edit, or delete forms. Permissions to view, add, edit, or delete forms are also available to Group Leaders.

28 forms.png

 

Contributions (not available to group leaders)

Here is where you can manage access to the Contributions module and some of its major features. You can allow users to view, add, edit, or delete contributions. You can grant access to the Envelopes, Statements, or Online Giving sections and the Online Giving Settings area. Note that if you grant access to Online Giving without the Settings area, users will only be able to access transactions and will not have access to Online Giving Settings.

26

 

Organizations (not available for Group Leaders)

Here is where users may be granted access to viewing, adding, editing, or deleting donor organizations. You must enable Contributions permissions to be able to enable Organizations.

organizations.png

Pledges (not available to group leaders)

Owners, Admins, and custom roles may be granted access to Pledges. The available permissions are: View, Add, Edit, and Delete. Pledges permissions are only enabled if the user role receives access to at least View Contributions.

 

Contacts (not available to group leaders)

This permission allows users to use the Contacts feature within Contributions, allowing them to view, add, edit or delete contacts. You must enable Contributions permissions to be able to enable Contacts.

 

Accounting

These permissions refer to the overall Accounting module and grant users the following access:

  • View: Users can only View the module, in read-only mode.
  • Manage: Users can manage the module - e.g. they can add accounts, transactions, etc.
  • Reports allows users to access accounting reports.
  • Print Checks grants access to the Print Checks feature.
  • Reconciliation lets users access the Reconciliation section and perform such operations. 
  • Categories:: View and/or Manage accounting categories and subcategories. People who can manage this feature can create, delete, import records, etc; within the Categories section of your Accounting module.
  • Budgets: View and/or Manage budgets. People who can manage budgets can create, delete, export, etc; within the Budgets section of your Accounting module.

 

Appointments

This lets users access and use the Appointments module. Users with access can view, add, edit, or delete appointment records, make bookings, or cancel bookings. 

 

Member Portal (not available to group leaders)

These permissions let you manage access to the Member Portal area as well as to new member requests. You can enable or restrict users regarding the following:

  • Member Requests: View requests in read-only mode, See the invitation link, Accept new member requests, or Reject new member requests. Accepting or rejecting new member requests is only required if you do not enable automatic member registration approvals.
  • Blog: This permission manages whether users can view the blog section and blog posts and add, edit, or delete posts.
  • Builder: This permission lets you grant access to the Member Portal > Builder section, where you can decide whether users can view, add, edit or delete cards and content.
  • Media Library: This permission lets you grant access to the Member Portal > Media Library section, where you can decide whether users can view, add, edit or delete content. The Media Library is exclusively available with the ChMeetings Branded App.

Others

  • Users (not available to group leaders): Here is where you can manage whether users can view, add, edit, or delete records within the Users & Roles section.
  • Integrations (not available to group leaders): Here is where you can manage whether users can view, and manage Integrations, within Settings > Integrations.

 

Related articles