Permission tiers

GreekManage has five tiers of access. Each tier is a class in backend/apps/common/permissions.py plus the corresponding model rows in backend/apps/platform/ and backend/apps/organizations/.

The hierarchy

Each tier inherits the permissions of those below it.

What each tier can do

Platform Admin

Source: apps/platform/models.py, a PlatformAdmin(user=...) row with is_active=True.

Bypasses all tier checks. Used for:

  • Onboarding new tenant orgs
  • Cross-tenant support and forensics
  • Backups + data export
  • Email infrastructure config

To act as a specific tenant, pass the X-Organization-Id: <uuid> header.

Organization Admin

Source: apps/organizations/models.py, an OrganizationAdmin(user=..., organization=...) row with is_active=True.

Scope: their organization only.

Can do:

  • Manage chapters (create, suspend, deactivate)
  • Manage regions
  • Invite + remove other org admins
  • Configure dues, compliance program, custom fields, consent templates
  • Toggle modules
  • Author org-wide elections
  • Manage Foundation campaigns + donors
  • Bulk-import members
  • View audit logs (their org)
  • Run org-scoped reports + exports

Can't do:

  • Touch other orgs
  • Change platform-level settings
  • Deactivate the only remaining org admin (guard in _validate_org_admin_deactivation)

Regional Admin

Source: apps/organizations/models.py, a RegionalAdmin(user=..., region=..., role=...) row with is_active=True.

Roles (sub-tier within regional):

  • regional_director — primary regional contact
  • regional_coordinator — secondary; same permissions as director
  • regional_advisor — read-only across the region

Scope: chapters in their region.

Can do:

  • View all chapters in their region
  • Run regional Engage forums
  • Track regional compliance + elections
  • Review regional surveys + retention analytics
  • Approve cross-chapter changes that need regional sign-off

Can't do:

  • Configure org-wide settings (dues, modules, etc.)
  • Touch other regions

Chapter Officer / President

Source: Membership.role in ["officer", "president", "advisor"] AND Membership.status in Membership.ACTIVE_MEMBER_STATUSES.

Scope: their chapter only.

Can do:

  • Approve member additions, status changes, officer submissions
  • Run chapter elections
  • Submit compliance for their chapter
  • Manage chapter-level billing (adjustments, refunds within cap)
  • Post chapter bulletins
  • Moderate the chapter Engage forum
  • Create + manage chapter events
  • Run chapter retention surveys
  • Update member profiles for read-only fields (status, role, notes)

Can't do:

  • Set dues amounts (org admin)
  • Configure payment processors (org admin)
  • Issue refunds beyond the per-officer cap (escalates to org admin)
  • See other chapters' data

Chapter Member

Source: Membership.status in Membership.PLATFORM_ACCESS_STATUSES (excludes pnm and disaffiliated).

Scope: their chapter (read-only for most), their own profile (writeable).

Can do:

  • View dashboard, member directory, family tree
  • Edit their own profile
  • Post in Engage forums (subject to moderation)
  • Vote in chapter elections
  • View + pay dues
  • RSVP for events
  • Take learning courses
  • Use the AI chatbot

Can't do:

  • Approve other members
  • Change dues amounts
  • See chapter financial data beyond their own
  • Moderate forums

Decision tree (most common questions)

"Can this user view this chapter's roster?"

This is IsChapterMember in code (any of the above succeeds).

"Can this user issue a refund?"

Multiple memberships

A user can have memberships in multiple chapters (and orgs). The middleware picks the highest-tier role. The frontend presents a chapter / org switcher when this happens.
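The roster check and the multiple-membership rule above, as an added example in plain Python (not GreekManage's own code): it resolves the highest tier whose scope covers the requested chapter, so a grant in one org or chapter counts for nothing in another. The Tier enum, the Grant and Chapter classes and the status-set values are hypothetical stand-ins for the Django model rows, and per-chapter scoping of the "highest tier" rule is an assumption.

```python
from dataclasses import dataclass
from enum import IntEnum

# Ordered so that a higher tier compares greater (hypothetical enum).
Tier = IntEnum("Tier", "NONE MEMBER OFFICER REGIONAL ORG PLATFORM", start=0)

# Constructed values: the real sets live on Membership and are not shown on this page.
ACTIVE_MEMBER_STATUSES = {"active"}
PLATFORM_ACCESS_STATUSES = {"active", "alumni"}  # no pnm, no disaffiliated
OFFICER_ROLES = {"officer", "president", "advisor"}

@dataclass(frozen=True)
class Chapter:
    id: str
    region: str
    org: str

@dataclass(frozen=True)
class Grant:
    """Stand-in for one PlatformAdmin / OrganizationAdmin / RegionalAdmin / Membership row."""
    kind: str              # "platform" | "org" | "region" | "membership"
    scope: str = ""        # org id, region id or chapter id ("" for platform)
    is_active: bool = True
    role: str = "member"
    status: str = "active"

def tier_for(grants, chapter):
    """Highest tier among the rows whose scope covers `chapter`."""
    best = Tier.NONE
    for g in grants:
        tier = Tier.NONE
        if g.kind == "platform" and g.is_active:
            tier = Tier.PLATFORM                 # bypasses scope checks
        elif g.kind == "org" and g.is_active and g.scope == chapter.org:
            tier = Tier.ORG
        elif g.kind == "region" and g.is_active and g.scope == chapter.region:
            tier = Tier.REGIONAL
        elif g.kind == "membership" and g.scope == chapter.id:
            if g.role in OFFICER_ROLES and g.status in ACTIVE_MEMBER_STATUSES:
                tier = Tier.OFFICER
            elif g.status in PLATFORM_ACCESS_STATUSES:
                tier = Tier.MEMBER
        best = max(best, tier)
    return best

def can_view_roster(grants, chapter):
    """Any tier with scope over the chapter may read its roster."""
    return tier_for(grants, chapter) >= Tier.MEMBER
```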

Inactive vs disaffiliated

  • Inactive — sign-in blocked, but data preserved. Can be reactivated by an officer.
  • Disaffiliated — sign-in blocked, audit-logged event, can only be reversed by org admin with explicit reactivation.

Both statuses fail Membership.PLATFORM_ACCESS_STATUSES checks, so the user cannot sign in.

Code references

  • backend/apps/common/permissions.py — all tier classes
  • backend/apps/platform/models.py (PlatformAdmin)
  • backend/apps/organizations/models.py:201-218 (OrganizationAdmin)
  • backend/apps/organizations/models.py:221-246 (RegionalAdmin)
  • backend/apps/organizations/models.py:137-142 (Membership.Role enum)
  • backend/apps/organizations/models.py:144-163 (Membership.Status enum)