Roles & Permissions
Commons uses role-based permissions at both the organization and team level.
Organization Roles
Every member of an organization has one of five roles:
Owner
- Full control over the organization
- Can delete the organization
- Can manage billing
- Can change any user's role
- Can manage all teams and projects
Note: There's typically one owner, usually the person who created the organization.
Admin
- Can manage billing
- Can change roles (except owner)
- Can manage members
- Can create and delete teams
- Can manage all projects
- Cannot delete the organization
Best for: Leadership team members who need full operational control.
Manager
- Can invite and manage members
- Can create teams
- Can create projects
- Can manage projects they own
- Cannot delete teams or access billing
Best for: Team leads and project managers.
Member
- Can create projects
- Can create updates
- Can comment and react
- Can view all organization content
- Cannot manage other users or teams
Best for: Most team members - designers, engineers, PMs.
Viewer
- Can view all organization content
- Can read updates and comments
- Cannot create content
- Cannot comment or react
- Cannot manage anything
Best for: Stakeholders, clients, or read-only access.
Team Roles
Within each team, members can have specific team roles:
Team Manager
- Can add/remove team members
- Can create and edit team projects
- Can delete the team
- Can change team settings
Team Member
- Can create projects for the team
- Can edit projects they're on
- Can create updates for the team
- Can view all team content
Team Viewer
- Can view team content
- Cannot create or edit
- Read-only access
Important: Organization owners and admins automatically have full permissions on all teams, regardless of team role.
Permission Matrix
Organization Permissions
| Action | Owner | Admin | Manager | Member | Viewer | |--------|-------|-------|---------|--------|--------| | Delete organization | ✓ | — | — | — | — | | Manage billing | ✓ | ✓ | — | — | — | | Change roles | ✓ | ✓ | — | — | — | | Manage members | ✓ | ✓ | ✓ | — | — | | Create teams | ✓ | ✓ | ✓ | — | — | | Delete teams | ✓ | ✓ | — | — | — | | Create projects | ✓ | ✓ | ✓ | ✓ | — | | Delete projects | ✓ | ✓ | — | — | — | | Send invitations | ✓ | ✓ | ✓ | — | — | | Create updates | ✓ | ✓ | ✓ | ✓ | — | | Comment | ✓ | ✓ | ✓ | ✓ | — | | View content | ✓ | ✓ | ✓ | ✓ | ✓ |
Team Permissions
| Action | Team Manager | Team Member | Team Viewer | |--------|--------------|-------------|-------------| | Delete team | ✓ | — | — | | Manage members | ✓ | — | — | | Create projects | ✓ | ✓ | — | | Edit projects | ✓ | ✓ | — | | View content | ✓ | ✓ | ✓ |
Note: Org owners and admins can perform all team actions.
Project Permissions
Projects have owner-based permissions:
- Project Owner (creator): Can edit, delete, and manage contributors
- Project Contributors: Can edit project and create updates
- Other Org Members: Can view (currently - visibility settings coming soon)
Org owners and admins can manage all projects regardless of ownership.
Changing Roles
Organization Roles
Only owners and admins can change roles:
- Go to Settings → Members
- Find the user
- Click their current role
- Select new role
- Confirm
Rules:
- Owners can change any role
- Admins can change roles below admin
- You cannot change your own role
- Cannot demote the last owner
Team Roles
Team managers, org managers, owners, and admins can change team roles:
- Go to the team page
- Click "Members"
- Find the user
- Click their role
- Select new role
Best Practices
Start Conservative
Give members the minimum permissions they need, then expand as needed.
Use Managers Wisely
Manager role is powerful. Give it to people who need to grow the team and manage projects.
Leverage Team Roles
Use team roles for fine-grained control without elevating org-wide permissions.
Review Regularly
Audit roles quarterly to ensure they still make sense.
Document Your Structure
Create a note in your organization describing who should have which roles.
Common Role Patterns
Startup Team (Small)
- 1-2 Owners (founders)
- Everyone else as Members
- Simple, flat structure
Design Team (Medium)
- 1 Owner
- 1-2 Admins (design leadership)
- 2-3 Managers (team leads)
- Everyone else as Members
Agency (Large)
- 1 Owner (agency owner)
- 2-3 Admins (leadership)
- Managers for each account/team
- Members (designers, PMs)
- Viewers (clients)
Invitations and Role Assignment
When inviting new members:
- Send invitation with intended role
- They accept and automatically get that role
- You can change their role anytime after
See Inviting Members for details.
Security Notes
- Super Admins: Platform administrators have god-mode access for support purposes
- Soft Deletes: Most deletions are soft deletes for data recovery
- Audit Logs: Owners and admins can view audit logs of key actions (coming soon)
Next Steps
- Inviting Members - Add people to your organization
- Organization Settings - Configure your workspace
- Teams Guide - Organize your members