In Mercury, roles and their associated permissions control who can do and see what. To make this flexible, there are two different types of roles that can be assigned to a user.
1. Global Roles
Global roles apply to the entire Mercury system, regardless of which campaign or category you are in. They are assigned directly to a user in the user administration panel.
Example: A user with the global "Administrator" role can create new users anywhere in the system.
2. Category Roles
Category roles apply only to a specific category and all of its subcategories. This means the permission is inherited "downwards" through the category tree. This allows you to control access rights for different clients or projects in a very targeted way.
Example: You can give a user the "Planner" role only for "Client A". They can then only plan within Client A's campaigns, but not in those of "Client B".
What is the difference between a Role and a Permission?
Think of it like this:
- A Role is like a job title (e.g., "Administrator" or "Planner"). It is a bundle of individual permissions.
- A Permission is a single, specific authorization to do something (e.g., "create campaigns").
Examples of global permissions:
- Create and manage users
- Manage technical systems
- Create and manage publishers
- Manage media channels
Examples of category-level permissions:
- Manage fees for a client
- Create campaigns for a client
- Edit plan items in a specific campaign