Roles & Permissions

Admin Panel

Built-in Roles

Pidima uses a hierarchical role system with five distinct levels:

Pidima Management

  • Platform-level administration
  • Organization creation and management
  • Full system access across all organizations
  • Reserved for Pidima platform administrators

Organization Super Admin

  • Full control within their organization
  • User management across the organization
  • Account creation and management
  • Access to all accounts and projects within the organization
  • Configure organization-wide settings

Account Admin

  • Manage specific accounts they're assigned to
  • Create and manage projects within their accounts
  • Assign users to projects
  • View and manage all data within their accounts
  • Cannot create new accounts

Project Manager

  • Full control over assigned projects
  • Manage project team members
  • Create and manage requirements
  • Generate test cases and reports
  • Configure project settings
  • Cannot create new projects

Project User

  • Standard access to assigned projects
  • Create and edit requirements
  • Generate test cases
  • Update traceability
  • View reports
  • Cannot manage project settings or users

Permission Structure

The authorization system follows a hierarchical model where permissions cascade down:

  • Organization Level: Controls account creation, user management, and org-wide settings
  • Account Level: Controls project creation and account-specific management
  • Project Level: Controls requirements, test cases, and project-specific operations

Role Assignment

Users can have different roles across different contexts:

  • A user might be a Project Manager in one project and a Project User in another
  • Account Admins automatically have access to all projects within their accounts
  • Organization Super Admins have access to all accounts and projects

Authorization Checks

The system performs authorization checks for all operations:

  • Create Operations: Verified at the appropriate level (org, account, or project)
  • Read Operations: Based on role assignments and project access
  • Update Operations: Requires appropriate role at the resource level
  • Delete Operations: Restricted to higher-level roles

Access Control

Access is determined by:

  1. User's role type
  2. Specific role assignments (account/project level)
  3. Resource ownership
  4. Organizational hierarchy
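The cascading model, per-context role assignment and deny-by-default checks described above, worked through as an added example (not Pidima's own code): the role storage, the `REQUIRED` action-to-role mapping and the action names are assumptions chosen to match the role lists on this page.

```python
from dataclasses import dataclass, field
from enum import IntEnum

class Role(IntEnum):  # ordered so a higher value outranks a lower one
    PROJECT_USER = 1
    PROJECT_MANAGER = 2
    ACCOUNT_ADMIN = 3
    ORG_SUPER_ADMIN = 4
    PIDIMA_MANAGEMENT = 5

@dataclass(frozen=True)
class Project:
    id: str
    account: str   # owning account
    org: str       # owning organization

@dataclass
class User:
    id: str
    org: str                          # organization the user belongs to
    platform_admin: bool = False      # Pidima Management
    org_super_admin: bool = False     # Organization Super Admin for user.org
    account_roles: dict = field(default_factory=dict)  # account id -> Role
    project_roles: dict = field(default_factory=dict)  # project id -> Role

# Minimum role per project-level action (assumed mapping derived from the role lists above)
REQUIRED = {
    "view_reports": Role.PROJECT_USER,
    "edit_requirement": Role.PROJECT_USER,
    "manage_members": Role.PROJECT_MANAGER,
    "manage_settings": Role.PROJECT_MANAGER,
    "delete_project": Role.ACCOUNT_ADMIN,   # delete is reserved for higher-level roles
}

def effective_role(user: User, project: Project):
    """Walk the hierarchy top-down (platform > org > account > project);
    the first level that grants access wins. Returns None when no level
    grants anything, so the caller denies by default."""
    if user.platform_admin:
        return Role.PIDIMA_MANAGEMENT
    if user.org_super_admin and user.org == project.org:
        return Role.ORG_SUPER_ADMIN
    if user.account_roles.get(project.account) == Role.ACCOUNT_ADMIN:
        return Role.ACCOUNT_ADMIN
    return user.project_roles.get(project.id)  # explicit per-project assignment

def is_allowed(user: User, project: Project, action: str) -> bool:
    """Authorization check: unknown actions and unassigned users are denied."""
    needed = REQUIRED.get(action)
    role = effective_role(user, project)
    return needed is not None and role is not None and role >= needed
```

Note that a user who is Project Manager in one project and Project User in another gets different answers for the same action depending on the project, and that an Account Admin reaches projects in their account without any explicit project assignment.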