Permissions and Access Control
Not everyone in the portal can see or change everything — and that's intentional. Permissions are organized around three roles plus a global admin. The goal is simple: leaders can run their ministries without bumping into other ministries' data, and admins keep oversight where it belongs.
The three main roles
- Member — anyone in the church who logs in to view their own schedule, events, and the directory.
- Leader — a ministry leader or co-leader who schedules volunteers for their ministry.
- Admin — a campus or church-wide admin with broad access to events, ministries, and members.
A fourth role, Super Admin, exists for the platform owner — typically only one or two staff members hold this.
Permission table
Here is the simple matrix of what each role can do:
| Action | Member | Leader | Admin | Super Admin |
|---|---|---|---|---|
| View own schedule and assignments | ✓ | ✓ | ✓ | ✓ |
| View public events and calendar | ✓ | ✓ | ✓ | ✓ |
| View the people directory (limited) | ✓ | ✓ | ✓ | ✓ |
| View ministry roster and members | ✓ | ✓ | ✓ | |
| Create and edit schedule slots | ✓ * | ✓ | ✓ | |
| Create and edit events | ✓ * | ✓ | ✓ | |
| Add or remove members from a ministry | ✓ * | ✓ | ✓ | |
| View full contact info for any member | ✓ | ✓ | ||
| Manage member types (Radical, etc.) | ✓ | ✓ | ||
| Promote or demote leaders | ✓ | ✓ | ||
| Manage campus settings | ✓ | ✓ | ||
| Manage church-wide settings | ✓ | |||
| Install or remove modules | ✓ |
\* Only for ministries the leader is assigned to.
How permissions are assigned
Permissions follow membership records inside ChurchCRM:
- Leader status comes from being marked as a leader of a ministry in ChurchCRM.
- Admin status comes from a global admin role, also in ChurchCRM.
- Member type (Radical / Trailblazer / G&A) is a pastoral classification and does not grant any portal permissions on its own.
What members see
A member logging in sees:
- Their own dashboard with upcoming assignments.
- The public calendar and events list.
- A directory of other members (name, ministry, photo) — but not full contact details.
- Their personal profile with the ability to edit a few fields (photo, notification preferences).
What leaders see
A leader sees everything a member sees, plus:
- The Schedule Editor for ministries they lead.
- The full roster (members and assignments) of their ministries.
- The ability to add/remove members from their ministries.
- Notes attached to people in their ministry's context.
What admins see
An admin sees everything a leader sees, across all ministries and campuses, plus:
- Full contact information for every member.
- The ability to create new ministries, campuses, or events church-wide.
- The Admin control panel (gear icon → Admin).
- Member-type management.
What super admins can do
Super admins additionally control:
- Module installation and configuration.
- Church-wide branding, integrations, and security settings.
- Reset of leader/admin assignments at scale.
Changing someone's role
Roles are managed in ChurchCRM, not in the portal directly. To promote a member to leader:
- Open ChurchCRM (the source-of-truth admin app).
- Navigate to the relevant ministry.
- Mark the person as a leader.
- The change is reflected in the portal on their next login (or within a few minutes).
For admin-level promotions, an existing super admin must update the person's church-wide role.
Common mistakes to avoid
- Assuming a leader can edit any ministry. They can only edit ministries they explicitly lead.
- Confusing member type with permissions. Radical, Trailblazer, and G&A describe spiritual maturity, not access rights.
- Giving someone admin access "just for one task". It's almost always better to ask an existing admin to do that one task than to elevate the person.
- Forgetting that ChurchCRM is the source of truth. Editing role data directly in the portal database is not supported and will be overwritten on the next sync.