View effective permissions for an admin
This guide shows you how to see exactly what an admin can do — broken down by action and by which role grants each permission.
Who can do this: Admins who have permission to view effective permissions for other admins.
Before you start
Section titled “Before you start”- Effective permissions are the combined result of all roles assigned to an admin. If any role grants an action, the admin can do it.
- If a role is bound to a Tag and this admin holds that Tag, those permissions appear here too, labeled with the tag name.
- This view is read-only. To change permissions, assign or remove roles on the Roles tab.
- Go to
Admin & Security→ Admins. - Click the name of the admin you want to review.
- Click the Permissions tab (labeled “Permissions”; it shows the effective-permissions matrix).
The permissions matrix loads and shows:
- A row for each action across all areas of the product
- A column for each role assigned to this admin
- A checkmark in each cell where a role grants that action
- Any active data scope filters (membership level, tag, or event category) shown per role
Understand a conflict
Section titled “Understand a conflict”If you see a note about a conflict, it means one role restricts an action while another grants it. MapleGather resolves this in favor of access — if any role grants an action, the admin can do it. An information note in the matrix explains which role is providing the grant.
Review the audit log
Section titled “Review the audit log”- On the Roles tab, scroll to the Audit log — role changes section.
The log shows role-grant and role-revoke events for this admin. Events from tag-based group bindings appear with a note like “Granted via Tag: [tag name].”
Verify
Section titled “Verify”You’ll know it worked when the Permissions tab shows a matrix of actions and the roles that grant them.
If something goes wrong
Section titled “If something goes wrong”- The matrix takes a long time to load — Try refreshing the page. If it continues, contact MapleGather support.
- An expected permission isn’t showing — Check the Roles tab to confirm the role is still assigned. Tag-based roles only appear if the admin holds the Tag that is bound to the role.
- “Granted via Tag” appears unexpectedly — The admin holds a Tag that is bound to a role. To remove the tag-based grant, either remove the admin from the Tag or unbind the Tag from the role in
Admin & Security→ Roles.