Access Control
Access control in Torneos MVP is built around a resource-action permission model. Every action in the platform — creating a tournament, approving a registration, entering match scores — is tied to a specific permission that can be granted or denied per role.
Permission structure
Permissions are organized into two dimensions:
- Resources — the areas of the platform (e.g., Tournaments, Rankings, People, Clubs, Displays)
- Actions — what can be done with a resource (e.g., View, Create, Edit, Delete)
A role combines specific resources with the actions allowed on each. A member's access is determined entirely by the role they have been assigned.
Scope levels
Permissions are scoped to two levels:
| Scope | Description |
|---|---|
| Account | Permissions that apply across all communities the account manages |
| Community | Permissions scoped to a single community |
This means you can give a person admin access to one community without giving them access to others managed by the same account.
Viewing and editing permissions
- Go to Profile → Role Templates to manage reusable permission sets.
- Go to Dashboard → Members of the org. to adjust a specific member's role.
- Go to Profile → Community Access to manage which accounts have access to your community.
Audit trail
All actions performed by members within your community are tracked. This audit trail lets administrators review who made what changes and when.
Tip: If a member reports they cannot access a feature, check their assigned role in the Members of the org. section and verify the relevant permission is enabled in the permission matrix.