Fix & Enhance User Permissions

Creating a user & testing permissions - gave myself ONLY read access, but was able to create a campaign. Wasn’t able to delete the campaign, however.

Read-only shouldn’t be able to create anything.

User permissions are very confusing. Any user can do whatever actions they have access to to any location.

To fix this:

1. Make named access permissions that make sense. Ex: Viewer, Responder, Manager, Admin, etc. Allow Agency to specify what access they have in plain English (i.e., can respond to reviews, create campaigns, edit settings)

2. Make access flexible for locations: Give access to entire organization, or 1 or more locations (selectable)

This is a really basic requirement of most SaaS apps. You developed this feature around your CRUD API, but it doesn’t make sense to end-users! There are some unexpected behaviors around the permissions select boxes (described above).