Access Control
Access control in Torneos MVP is built around a resource-action permission model. Every action in the platform — creating a tournament, approving a registration, entering match scores — is tied to a specific permission that can be granted or denied per role.
Permission structure
Permissions are organized into two dimensions:
- Resources — the areas of the platform (e.g., Tournaments, Rankings, People, Clubs, Displays)
- Actions — what can be done with a resource (e.g., View, Create, Edit, Delete)
A role combines specific resources with the actions allowed on each. A member's access is determined entirely by the role they have been assigned.
Scope levels
Permissions are scoped to two levels:
| Scope | Description |
|---|---|
| Account | Permissions that apply across the whole account and its data |
| Community | Permissions scoped to managing the community portal |
This means you can give a person access to manage the community portal without giving them full access to the account, or vice versa.
Viewing and editing permissions
- Go to Profile → Role Templates to manage reusable permission sets.
- Go to Dashboard → Members of the org. to adjust a specific member's role.
- Go to Profile → Community Access to manage which accounts have access to your community.
Audit trail
All actions performed by members within your account are tracked. This audit trail lets administrators review who made what changes and when.
Tip: If a member reports they cannot access a feature, check their assigned role in the Members of the org. section and verify the relevant permission is enabled in the permission matrix.