Roles & Permissions

Last updated: 2026-07-06

Role-Based Access Control (RBAC)

HaMi Code Việt uses a role-based access control system. Each role has a different set of permissions that determine what actions a user can perform.

Role List

RoleDescription
super_adminSuper administrator, all permissions
adminAdministrator, all except role.manage and settings.write
platform_adminPlatform administrator
content_adminContent administrator
moderatorContent review, basic user management
creatorCreate content, submit for review
teacherTeacher, create classes
mentorMentor, guide projects
reviewerGrade submissions
guardianParent, manage children
learnerLearner
school_adminSchool administrator
org_adminOrganization administrator
support_agentSupport staff
finance_adminFinance administrator
safety_officerSafety officer
compliance_officerCompliance officer
security_adminSecurity administrator

Permissions

The system has over 19 permissions, including:

Assigning Roles

Admins can assign roles via the API:

POST /admin/users/:id/roles
{ "roleId": "creator" }

DELETE /admin/users/:id/roles/:roleId