Roles & Permissions

Roles and permissions define who can do what inside your school.

They control actions such as:

Managing members
Creating groups
Sending invitations
Moderating content
Accessing school configuration

A clear role structure helps maintain organization, security, and accountability within your school.

Role-Based Access Control (RBAC)

Hischool uses a Role-Based Access Control (RBAC) model.

This means:

Permissions are assigned to roles
Roles are assigned to members
Members inherit permissions from their role

Permissions are not assigned directly to individual users.
Instead, access control is managed through roles.

This approach allows schools to scale their governance structure as the community grows.

Default Role: @everyone

When a new school is created, it automatically includes a default role called @everyone.

All members of the school are assigned to this role by default.

The @everyone role defines the baseline permissions for everyone in the school.

Examples of permissions that may be controlled by this role include:

Sending messages
Joining groups
Viewing content
Basic participation in the school

Because all members inherit permissions from @everyone, it is important to configure this role carefully.

School Owner

The Owner is the highest authority within a school.

The user who creates the school automatically becomes the Owner.

The Owner:

Has full control over the school
Can manage roles and permissions
Can manage members
Can configure school settings
Can transfer ownership to another member

Each school has exactly one Owner at any time.

Ownership can be transferred to another member if necessary.

Custom Roles

Schools can create custom roles to organize responsibilities and permissions.

You can name roles according to your needs.

Examples include:

Administrator
Teacher
Moderator
Principal
Student

Each role can have its own permission configuration.

Members assigned to a role will inherit all permissions defined for that role.

See:
→ Create or Edit Roles

Permission Hierarchy

Roles define different levels of authority inside the school.

Higher-authority roles may:

Manage members
Assign roles
Moderate content
Configure certain settings

Lower-authority roles cannot override restrictions defined by higher roles.

A clear hierarchy helps prevent governance conflicts.

Designing a Role Structure

Before configuring roles, consider:

Who should manage members?
Who can invite new users?
Who can moderate content?
Who can create groups?
Who can manage school configuration?

Avoid granting unnecessary permissions.

Following the principle of least privilege helps maintain security and stability.

Governance Best Practices

Keep the @everyone role limited to basic permissions
Create separate roles for moderation or management
Use clear and descriptive role names
Review role permissions regularly
Document responsibilities in school policies

See:
→ School Policies

Common Questions

Can a Member Have Multiple Roles?

A member may be assigned one or more roles depending on the school’s configuration.

Who Can Transfer Ownership?

Only the current Owner can transfer ownership to another member.

What Happens If Permissions Are Misconfigured?

Improper permission settings may:

Restrict important actions
Limit member participation

Always ensure at least one trusted role retains administrative control.