Roles & Permissions

Roles & Permissions Overview Guide

Comprehensive overview of the roles and permissions system in the Xmarket platform.

At a Glance

What This Section Does

Control who can access which features on the platform. Assign roles to team members, create custom roles with specific permissions, and manage access across all back-office functions.

Who Should Use This

System Administrators: Set up new team members and manage all access
HR Managers: Assign roles based on job responsibilities
Department Heads: Review team member permissions and request changes

Most Common Tasks

Assign a Role to a Team Member: Give someone access
Create a Custom Role: Set up specific permissions
View All Roles: See available roles
Manage Permissions: Control feature access

Before You Start

Make sure you have these permissions:

back_office_staff: Required to manage team member roles
platform_users: Required to view user accounts
Super Admin role: Required to create or modify roles and permissions

Overview

Section	Description
Overview	Central system for controlling access to platform features through role-based permissions.
Main Components	Roles Management, List Roles, List Permissions

View & Search Features

Feature	Permission Required	Whitelist Required
Viewing Roles	roles_list	None
Viewing Permissions	permissions_list	None
Viewing Role-Permission Matrix	roles_manage	None (view-only for non-superadmin)

Create & Manage Features

Feature	Permission Required	Whitelist Required
Assigning Permissions to Roles	roles_manage	Superadmin role
Creating/Editing Roles	roles_manage	Superadmin role
Editing Permission Details	roles_manage	Superadmin role

Role Comparison - Who Can Do What

This table shows what each role can access. Use it to decide which role to assign to your team members.

Feature / Task	Super Admin (22)	Admin (17)	Operator (7)	Market Manager (5)	Treasury Ops (2)	Dashboard (1)
Markets
Create Markets	✅	✅	✅	✅	❌	❌
Approve Markets	✅	✅	✅	✅	❌	❌
Resolve Markets	✅	✅	✅	✅	❌	❌
Edit Markets	✅	✅	✅	✅	❌	❌
View Markets	✅	✅	✅	✅	❌	✅
esport	✅	✅	✅	❌	❌	❌
sport	✅	✅	✅	❌	❌	❌
Presales
Approve Presales	✅	✅	✅	✅	❌	❌
Manage Revenue Share	✅	✅	✅	✅	❌	❌
Users & Roles
Manage Roles	✅	❌	❌	❌	❌	❌
Assign Roles to Members	✅	✅	❌	❌	❌	❌
Manage Back-office Staff	✅	✅	❌	❌	❌	❌
View Platform Users	✅	✅	✅	❌	❌	❌
Finance & Treasury
View Token Balances	✅	✅	❌	❌	✅	❌
Execute Token Operations	✅	❌	❌	❌	✅	❌
Manage Fees	✅	✅	❌	❌	❌	❌
System Settings
Configure Platform	✅	✅	❌	❌	❌	❌
Manage Categories & Tags	✅	✅	✅	❌	❌	❌
Manage Referrals	✅	✅	❌	❌	❌	❌
Reports & Monitoring
View Dashboard	✅	✅	✅	✅	❌	✅

Quick Guide:

Super Admin (22 permissions): Full access to everything. Use carefully - only assign to trusted system administrators.
Admin (17 permissions): Manages daily operations including users and settings. Cannot create or modify roles.
Operator (7 permissions): Handles day-to-day market tasks like creation, approval, and resolution.
Market Manager (5 permissions): Supervises all market-related activities with focused access.
Treasury Ops (2 permissions): Specialized role for finance team managing company funds and token operations.
Dashboard Monitoring (1 permission): View-only access for analysts and reporting staff.

Understanding Roles & Permissions

What Are Roles?

Roles are named collections of permissions that define what a user or group of users can do within the system. Each role has a specific set of permissions assigned to it.

What Are Permissions?

Permissions are specific authorizations to perform an action or access a feature within the admin panel or platform. Each permission controls access to a particular functionality.

How Roles and Permissions Work Together

Permissions are created and defined in the system (e.g., admin_market, roles_manage)
Roles are assigned one or more permissions (e.g., "Super Admin" role has 22 permissions)
Users are assigned roles, which grant them all permissions associated with that role
Access Control checks user roles and permissions to determine what features they can access

Accessing Roles & Permissions Management

Access the Roles & Permissions system through the main navigation:

Navigate to Roles & Permissions section in the left sidebar
Select from the following options:
1. Manage: Assign permissions to roles (superadmin only)
2. List Roles: View and manage all roles
3. List Permissions: View and manage all permissions

Key Features

1. Roles Management (Manage)

Purpose: Assign and unassign permissions to roles using an interactive permission matrix.

Key Features:

Permission matrix showing all permissions and roles
Checkbox-based permission assignment
Real-time updates
Superadmin-only access for modifications

Access Requirements:

View-only: Any admin user
Full management: Superadmin role only

For detailed instructions, see: Roles Management Guide

2. List Roles

Purpose: View and manage all roles in the system, including role details and permissions.

Key Features:

Complete list of all roles
Role details and metadata
Permission assignments per role
Search and filter functionality

Access Requirements:

roles_list permission required

For detailed instructions, see: List Roles Management Guide

3. List Permissions

Purpose: View and manage all available permissions in the system, including permission details and metadata.

Key Features:

Complete list of all permissions
Permission keys, names, and descriptions
Search functionality
Edit permission details (superadmin only)

Access Requirements:

permissions_list permission required
roles_manage permission required for editing (super admin only)

For detailed instructions, see: List Permissions Management Guide

Permission Categories

Permissions are organized into functional categories:

Category	Description	Example Permissions
Markets	Permissions for market management	`admin_market`, `creator_market`, `market_categories`, `market_tags`, `market_multiple_outcome`
Presale	Permissions for presale operations	`presale_pending_review`, `presale_revenue_share`
Users	Permissions for user management	`back_office_staff`, `platform_users`
System	Permissions for system configuration	`system_configuration`, `system_qt_and_fees`, `system_variable_config_banner`
Roles & Permissions	Permissions for access control	`roles_manage`, `roles_list`, `permissions_list`
Automated Markets	Permissions for automated market generation	`esport`, `sport`
Analytics	Permissions for dashboard and analytics	`dashboard_analytics`
Governance	Permissions for governance functions	`governance_manage`

Common Workflows

Assigning a Role to a Team Member

Navigate to Users > Back-office Staff
Find the team member
Click Edit or Assign Role
Select the appropriate role from the dropdown
Save changes

Viewing What a Role Can Do

Navigate to Roles & Permissions > List Roles
Find the role you want to review
View the permissions assigned to that role
Review the role comparison table above for quick reference

Understanding Permission Structure

Navigate to Roles & Permissions > List Permissions
Browse all available permissions
Use search to find specific permissions
Review permission descriptions to understand what each permission controls

Assigning Permissions to a Role (Superadmin Only)

Navigate to Roles & Permissions > Manage
Locate the permission you want to assign
Find the role column
Click the checkbox to assign the permission
Changes save automatically

Best Practices

Role Assignment

Principle of Least Privilege: Assign users only the minimum permissions necessary for their job
Regular Reviews: Periodically review role assignments to ensure they remain appropriate
Documentation: Document why specific roles are assigned to team members
Separation of Duties: Separate critical functions across different roles when possible

Permission Management

Superadmin Restriction: Only superadmins should manage permissions and roles
Clear Naming: Use descriptive permission names and descriptions
Regular Audits: Review permissions regularly to ensure they remain relevant
Test Changes: Test permission changes with actual user accounts before full deployment

Security Considerations

Limit Superadmin Access: Only assign superadmin role to highly trusted administrators
Monitor Access: Regularly audit who has access to sensitive permissions
Document Changes: Keep records of permission and role changes
Review Regularly: Conduct quarterly reviews of all role assignments

Troubleshooting

Common Issues

Issue	Possible Cause	Solution
Cannot access Roles Management	Missing `roles_manage` permission	Verify you have the required permission
Cannot assign permissions	Not a superadmin	Only superadmins can assign permissions
Cannot see permission matrix	View-only access	Normal behavior for non-superadmin users
Role not appearing in dropdown	Role may be inactive or deleted	Check List Roles page for role status
Permission changes not saving	Network issue or insufficient permissions	Check connection and verify superadmin access

Getting Help

If you need assistance with roles and permissions:

Check Permissions: Verify you have the required permissions for the action
Review Role Comparison: Use the role comparison table above to understand access levels
Contact Superadmin: Request assistance from a superadmin for permission management
Review Documentation: Check the detailed guides for each component (Manage, List Roles, List Permissions)

Product Glossary

Term	Description
Role	A named collection of permissions that defines what a user can do within the system
Permission	A specific authorization to perform an action or access a feature
Superadmin	Highest privilege role with full system access including role and permission management
Permission Key	Unique system identifier for a permission (e.g., `admin_market`, `roles_manage`)
Permission Matrix	Interactive table showing all permissions and their assignments to roles
Role Assignment	The process of associating a role with a user account
Permission Assignment	The process of associating permissions with a role
Access Control	System that checks user roles and permissions to determine feature access
RBAC	Role-Based Access Control - security model using roles and permissions
View-Only Access	Ability to view but not modify roles and permissions (non-superadmin users)