Team roles and permissions
Once multiple people edit the site, you need clear rules about who can publish, who can draft, and who can only view.
A CMS is a collaboration tool. Drupal-style permissions map each action to a role — checkboxes in a grid, just like the admin permissions page. Try creating a custom role below and assign only what that person needs.
Permissions matrix (simulation)
Each column is a role; each row is a permission. Check the boxes to grant access — or click Add role to create a custom role and assign permissions.
| Permission | Anonymous user | Authenticated user | Content editor | Administrator | Marketing reviewer |
|---|---|---|---|---|---|
| Content permissions | |||||
View published content | |||||
Create new content | |||||
Edit own content | |||||
Edit any content | |||||
Delete own content | |||||
Publish content to production | |||||
| Menu permissions | |||||
Add new links to Main navigation menu | |||||
Edit links in Main navigation menu | |||||
Delete links in Main navigation menu | |||||
View Main navigation menu in the menu list | |||||
Edit Main navigation menu | |||||
Delete Main navigation menu | |||||
| Administration permissions | |||||
Access administration pages | |||||
Invite and manage team members | |||||
Build and configure webforms | |||||
Manage multilingual settings | |||||
Granular beats all-or-nothing
Drupal permissions are row-by-row — you grant only what each role needs instead of handing everyone full admin access.
Custom roles for your team
Marketing reviewers might edit content but not menus. Create a role, check a few boxes, and assign it.
Review roles quarterly
When someone changes jobs, update their role — old permissions accumulate quietly.
Tip
Flexy AI can explain any permission screen in plain language — helpful when onboarding a new editor.
