Roles, permissions and scoping
Two settings decide what a PropLink user can do:
- Role: what actions the user is allowed to perform.
- Scope: which records the user can perform them on.
Both are required. A user with the Manager role and no scope can do nothing. A user with no role but a scope assigned to every site can do nothing either.
Permissions
A permission is a single action , Create site, Approve invoice, Reconcile bank statement. PropLink ships with around 150 permissions, grouped by domain. The full list is in Permissions reference.
Permissions are always one of seven verbs:
| Verb | Meaning |
|---|---|
| Read | See the record |
| Create | Add a new record |
| Update | Change a record |
| Approve | Move a record through an approval step |
| Archive | Soft-delete a record |
| Restore | Undo an archive |
| Force delete | Permanently remove a record (rare) |
Each verb is granted independently per domain, for example a user might have Read, Create and Update on debtor invoices but not Approve.
Roles
A role is a named bundle of permissions. PropLink ships with seven built-in roles:
| Role | Intended for |
|---|---|
| Organisation Owner | The original creator. Every permission. |
| Administrator | Senior managers and partners. Every permission except billing. |
| Manager | Block managers and estate directors. Read/write on operational records. |
| Accountant | Finance team. Read/write on financial records, read on operational. |
| Site Manager | On-site staff. Read/write on assigned sites only. |
| Maintenance Coordinator | The maintenance team. Read/write on work orders, issues, tickets. |
| Read Only | Auditors and observers. Read-only across their scope. |
You can also create custom roles. See Roles reference.
Scope
A user's scope is the set of records they can operate on, regardless of role. Scope can be:
- All sites. The user sees every site in the organisation.
- Selected sites. The user sees a specific list of sites. Useful for portfolio teams.
- By estate. The user sees every site grouped under the estates you assign.
Scope is enforced everywhere, list pages, search, reports, exports. A Site Manager scoped to Acacia Avenue will never see a site at Beech Road in any UI, even by guessing a URL.
How role and scope interact
Imagine three users:
| User | Role | Scope | What they can do |
|---|---|---|---|
| Priya | Manager | All sites | Read and write on every site in the organisation |
| Tom | Manager | Selected sites: Acacia Avenue | Read and write on Acacia Avenue only |
| Anita | Read Only | All sites | Read-only across every site |
If Tom navigates to Beech Road's URL by accident, PropLink shows a Not found page. If Anita tries to approve an invoice, the Approve button is greyed out and the corresponding API call returns 403.
Special roles
A few roles cannot be edited or deleted:
- Organisation Owner is unique. Every organisation has exactly one. You can transfer it to another user, but you cannot delete it.
- System roles for portal users (resident, contractor, building safety) are managed automatically when those users interact with the portals.
Related
Last reviewed 10 May 2026.