Permissions model
Role and permission model used by ChannelWeave.
Last updated:
Model structure
Roles group permissions. Users gain access through role assignments.
Enforcement
Checks occur at page level and action level for sensitive operations. Admin read/write permissions are enforced separately for Users, Roles, API keys, Events, and Support requests. Connections, Media library, stock, listings, purchase orders, sales orders, Warehouse operations, insight rules, and account-level settings use explicit permission groups.
Bearer-token API keys are scoped with permission codes. A request authenticated by API key must satisfy two checks before a scoped action runs:
- the key itself must include the required permission-code scope
- the user attached to the key must still have that permission through their current role assignments
Omitting explicit scopes when an admin key is created grants the current active permission catalogue to the key, while the attached user's role permissions remain the final authority.
Active permission catalogue
- Admin:
admin.api_keys.readadmin.api_keys.writeadmin.events.readadmin.roles.readadmin.roles.writeadmin.support_requests.readadmin.support_requests.writeadmin.users.readadmin.users.write
- Connections:
channels.connections.readchannels.connections.manage
- Catalogue:
catalogue.listings.manage
- Insights:
insights.rules.manage
- Media:
media.library.readmedia.library.manage
- Inventory purchase orders:
inventory.purchase_orders.readinventory.purchase_orders.createinventory.purchase_orders.editinventory.purchase_orders.openinventory.purchase_orders.issueinventory.purchase_orders.receiveinventory.purchase_orders.closeinventory.purchase_orders.cancel
- Inventory stock:
inventory.stock.importinventory.stock.manage
- Warehouse:
inventory.warehouse.readinventory.warehouse.operateinventory.warehouse.adjustinventory.warehouse.labelsinventory.warehouse.setup
- Sales orders:
sales.orders.readsales.orders.createsales.orders.editsales.orders.allocatesales.orders.deallocatesales.orders.dispatchsales.orders.deliversales.orders.payment_capturesales.orders.refundsales.orders.cancel
- Settings:
settings.account.managesettings.costing.managesettings.plan.manage
Mutation routes require both an authenticated session and the relevant live role
permission. Stock-item/master-data writes use inventory.stock.manage; listing,
draft and template writes use catalogue.listings.manage; custom rule writes
use insights.rules.manage. Account details, costing policy and plan changes
use their separate settings permissions. Warehouse adjustments and location
setup continue to use inventory.warehouse.adjust and
inventory.warehouse.setup respectively.
Support request permissions
admin.support_requests.readcontrols the Admin support request list.admin.support_requests.writecontrols status/category triage updates.- The default Admin role receives both support request permissions.
- The ChannelWeave team's internal support triage is separate from customer role permissions and cannot be granted through customer roles.
Channel permissions
channels.connections.readcontrols channel connection lists and connection diagnostics/settings pages.channels.connections.managecontrols connect, reconnect, OAuth callback completion, disconnect, website setup, and connection secret rotation.- Admin roles receive both channel connection permissions by default.
- Integration Manager roles receive channel connection read/manage permissions without user or role administration permissions.
Warehouse permissions
inventory.warehouse.readcontrols Warehouse home, Lookup, scan resolution, setup-state reads, and unknown-task 404 handling.inventory.warehouse.operatecontrols receiving, putaway, moves, replenishment, returns, quarantine, and issue reporting.inventory.warehouse.adjustcontrols Counts and Adjustments.inventory.warehouse.labelscontrols label tasks, label job lookup, and printable label sheets.inventory.warehouse.setupcontrols saving the per-location Warehouse setup checklist.
Default grants:
- Admin and Manager receive all Warehouse permissions.
- Location receives
read,operate,labels, andsetup. - Read-only receives
readonly.
Audit expectations
Permission changes should be attributable and time-stamped.