Role-Based Access for Agent Teams
Role-Based Access for Agent Teams
Version: v0.1.33
Version 0.1.33 introduces granular role-based access control (RBAC) for agency organisations. Permissions now reflect the real staffing hierarchy of a UK letting agency, giving administrators precise control over what each team member can see and do.
Overview
Previously, all members of an agency organisation shared the same level of access. With v0.1.33, agency administrators can assign one of four distinct roles to each team member. Each role is purpose-built around a real job function in a letting agency.
Roles
Property Manager
- Access: Full access across the entire agency organisation
- Intended for: Senior property managers responsible for the whole portfolio
- Can view and manage all tenancies, inspections, deductions, and reports regardless of branch or assignment
Negotiator
- Access: Assigned tenancies only
- Intended for: Front-line negotiators who manage a defined set of tenancies
- Can only access tenancies they are explicitly assigned to — tenancies belonging to other negotiators are not visible
- Prevents data leakage between negotiators operating within the same agency
Branch Manager
- Access: Branch-level view
- Intended for: Managers responsible for a specific office or branch within a multi-branch agency
- Can view and manage all tenancies, activity, and reports within their branch
- Cannot access data belonging to other branches in the same organisation
Finance
- Access: Deduction reports only (read-only)
- Intended for: Accounts and finance team members who need visibility of deduction outcomes
- Cannot interact with tenancy workflows, inspections, or correspondence
- Provides a safe, scoped route for financial oversight without exposing operational data
Role Summary Table
| Role | All Tenancies | Own Branch | Assigned Only | Deduction Reports |
|---|---|---|---|---|
| Property Manager | ✅ | ✅ | ✅ | ✅ |
| Branch Manager | ❌ | ✅ | ✅ | ✅ |
| Negotiator | ❌ | ❌ | ✅ | ✅ |
| Finance | ❌ | ❌ | ❌ | ✅ (read-only) |
Assigning Roles
Roles are assigned at the agency organisation level by an administrator. Each user within the organisation must have exactly one role. Role assignments can be updated at any time by an administrator.
Note: A user's role governs what they can access across the entire platform — from tenancy dashboards to deposit deduction workflows and compliance reports.
Why This Matters
Letting agencies operate with defined internal hierarchies. A negotiator should not have visibility of a colleague's portfolio. A finance officer needs deposit deduction figures but has no business accessing tenancy communications. Branch managers need autonomy over their own office without being able to alter settings for another branch.
This RBAC model enforces those boundaries automatically, reducing the risk of accidental data exposure, supporting internal compliance requirements, and giving agency principals confidence that sensitive tenancy data is appropriately protected.