
Flexible Permission System: Tailored Access Rights for Every Choir


A Fundamental Restructuring for Greater Flexibility

Managing a choir is complex and multifaceted. Every choir has different structures, various roles, and individual requirements for collaboration. What works for a small chamber choir may not suit a large concert choir with several dozen members. This diversity was the starting point for one of the most extensive technical restructurings in Chorilo's history.

The previous role system, with its three fixed levels of Administrator, Moderator, and Member, was a good start but increasingly reached its limits. The reality of choir work is more nuanced. There are treasurers who need access to the cashbook but don't need to manage sheet music. There are external helpers who assist with work duties but shouldn't be able to see internal rehearsals or notifications. There are auditors who should view the cashbook but not edit it. These requirements couldn't be mapped with the old system.

From Rigid Roles to Granular Permissions

The core of the new system lies in its granularity. Instead of three fixed roles, there is now a flexible system of permission groups that can be configured as desired. Each permission group precisely defines which actions its members may perform in which areas. These areas encompass all important functions of choir management: member management, event planning, sheet music management, notifications, cashbook, photo albums, public website, ticket sales, and ensemble settings.

The technical implementation of this concept was demanding. Every single API request had to be reviewed and adapted. Over a hundred different endpoints in the backend were revised to integrate the new permission checks. The frontend received new functions to dynamically adapt the visibility of buttons and menus to the permissions of each user. The mobile app was also updated, with special emphasis on backward compatibility to ensure existing installations continue to function.

Practical Application Examples from Choir Life

The true strength of the new system becomes apparent in practical application. Take the example of an external helper who assists with work duties. This helper needs access to the relevant events to see when and where help is needed. They should be able to register and unregister for these events. At the same time, they should not be able to see rehearsals, concerts, or internal notifications. With the new system, exactly this setup can be mapped. A permission group "External Helpers" is created that only receives the right "View Events". All other areas remain blocked for this group.

Another common scenario is cashbook management. Many choirs have a treasurer who is responsible for finances but should not take on administrative tasks in other areas. At the same time, there are often one or more auditors who should view the cashbook but not edit it. The new system enables the creation of a permission group "Treasurer" with the rights "View Cashbook", "Edit Cashbook", and "Delete Cashbook". For the auditors, a separate group "Auditors" is created that only receives the right "View Cashbook". This clear separation creates transparency while meeting the requirements for proper financial management.

Sensitive Data and Differentiated Access Rights

Member management is a particularly sensitive area. Personal information such as addresses, phone numbers, birth dates, and bank details is stored here. Not everyone in the choir needs access to all this data. The new permission system therefore distinguishes between different levels of member management. The right "View Members" allows access to basic information such as names and voice parts. The right "View Sensitive Member Data" additionally grants access to contact details and addresses. The rights "Edit Members" and "Delete Members" are even more restrictive and should only be given to people with appropriate responsibility.

This differentiation is important not only for data protection reasons but also makes practical sense. A music librarian, for example, does not need to see members' bank details, while a treasurer may well need this information for managing membership fees. The system makes it possible to give each person access to exactly the information required for their tasks.
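The two viewing levels described above can be enforced when the server builds its response. The sketch below is an added example, not Chorilo's code: the permission identifiers (`members.view`, `members.view_sensitive`) and the field names are assumptions. Fields are emitted from an allowlist, so anything not explicitly mapped to a right is never returned.

```python
# Added illustration; permission identifiers and field names are assumptions.
BASIC_FIELDS = {"name", "voice_part"}              # right "View Members"
SENSITIVE_FIELDS = {"phone", "email", "address"}   # right "View Sensitive Member Data"


def visible_member_fields(permissions):
    """Return the member fields a caller with these permissions may receive."""
    if "members.view" not in permissions:
        return set()                     # the sensitive right alone grants nothing
    allowed = set(BASIC_FIELDS)
    if "members.view_sensitive" in permissions:
        allowed |= SENSITIVE_FIELDS      # "additionally grants" contact data
    return allowed


def serialize_member(record, permissions):
    """Build the API response from an allowlist instead of deleting fields."""
    allowed = visible_member_fields(permissions)
    if not allowed:
        raise PermissionError("members.view required")
    # Fields on no allowlist (here: birth_date, iban) are dropped by default.
    return {key: value for key, value in record.items() if key in allowed}


# Constructed sample record, not real data.
SAMPLE_MEMBER = {
    "name": "A. Example",
    "voice_part": "Alto",
    "phone": "+00 000 0000",
    "email": "a.example@choir.invalid",
    "address": "1 Sample Street",
    "birth_date": "1990-01-01",
    "iban": "XX00 CONSTRUCTED",
}
```

Because the response is built from an allowlist, a new column added to the member table stays hidden until someone deliberately assigns it to a right.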

Sheet Music Management and Intellectual Property

Managing sheet music is a central component of choir work. This is not just about organization but also about protecting intellectual property and complying with licensing terms. The new permission system takes this responsibility into account. The rights "View Sheet Music", "Edit Sheet Music", and "Delete Sheet Music" can be assigned independently. A music librarian typically receives all three rights, while regular choir members only need the right to view the sheet music.

Particularly interesting is the ability to combine rights for the sheet music area with other areas. A conductor could, for example, receive full rights for sheet music and events but no access to the cashbook. A section leader could receive rights to edit events and view sheet music but no administration rights for the entire ensemble. This flexibility makes it possible to distribute responsibilities precisely while maintaining clarity.

Communication and Information Flow

Notifications are the backbone of choir communication. Rehearsal information is shared here, concert announcements are made, and organizational questions are clarified. The new permission system enables differentiated control over who may create, edit, and delete notifications. Most choirs will grant the right "Create Notifications" relatively generously, while the rights to edit and delete remain restricted to administrators and moderators.

The combination of notification rights with other permissions opens up interesting possibilities. A concert organizer could, for example, receive rights for events and notifications to plan concerts and inform about them without having access to other areas. A social media officer could receive rights for notifications and photo albums to coordinate the choir's external presentation. These specialized roles can be easily mapped with the new system.

Event Management and Attendance Control

Event management is a complex area with diverse requirements. Rehearsals must be planned, concerts organized, and work duties coordinated. The new permission system distinguishes between viewing, editing, and deleting events. This differentiation is important because not everyone who should view events also needs authorization to change or delete them.

A practical example illustrates the benefit of this granularity. A choir regularly organizes work duties where the rehearsal room is renovated or the garden is maintained. External helpers who are not members of the choir are invited to these events. These helpers should see the work duty events and be able to register or unregister for them. However, they should not be able to see rehearsals or concerts and should not be able to edit other events. With a special permission group "Work Duty Helpers" that only receives the right "View Events", exactly this setup can be implemented. The helpers only see the events relevant to them and have no access to internal information.

Cashbook and Financial Transparency

Financial management is a particularly sensitive area that requires clear structures and responsibilities. The new permission system offers a solution here that ensures both flexibility and security. The three rights "View Cashbook", "Edit Cashbook", and "Delete Cashbook" can be assigned independently.

This separation enables the implementation of proven practices from association work. The treasurer receives all three rights and is thus responsible for ongoing financial management. The auditors only receive the right "View Cashbook", so they can view all transactions but cannot change or delete anything. This clear separation of responsibilities meets the requirements for proper financial management while creating the necessary transparency.

Furthermore, the system also enables the involvement of the board in financial control. Board members can receive the right "View Cashbook" to have an overview of the choir's financial situation at any time without interfering with the treasurer's operational work. This transparency strengthens trust within the choir while fulfilling the board's supervisory duties.

Photo Albums and Public Relations

Documenting concerts and events through photos is an important part of choir work. The new permission system enables differentiated management of photo albums. The rights "View Photo Albums", "Edit Photo Albums", and "Delete Photo Albums" can be assigned individually. This is particularly useful when a choir has one or more photographers who should upload and organize photos but don't need additional administration rights.

The combination of rights for photo albums with other areas opens up interesting possibilities for public relations. A social media officer could, for example, receive rights for photo albums, notifications, and the public website. This allows them to coordinate the choir's external presentation without having access to sensitive areas such as the cashbook or member management.

Public Website and External Presentation

Many choirs use the public website function to present themselves externally. Managing this website requires special rights that not every member should have. The right "Edit Public Website" can be specifically assigned to people who are responsible for the choir's external presentation. These can be board members, PR officers, or technically skilled members.

The ability to assign this right independently of other permissions is particularly valuable. A webmaster could, for example, only receive the right to edit the public website without having access to internal areas such as sheet music or cashbook. This enables professional external presentation without having to disclose internal structures.

Ticket Sales and Event Management

Ticket sales for concerts are an important aspect of choir work that places special demands on permission management. The new system offers the rights "View Tickets", "Edit Tickets", and "Delete Tickets". These can be specifically assigned to people who are responsible for organizing concerts and ticket sales.

A concert organizer could, for example, receive rights for tickets, events, and notifications to fully plan and promote a concert. The treasurer could receive rights for ticket sales in addition to their cashbook rights to coordinate the financial side of events. This flexibility makes it possible to clearly distribute responsibilities while creating efficient workflows.

Ensemble Settings and Voice Parts

The basic settings of an ensemble and the management of voice parts are administrative tasks that require special care. The rights "Edit Ensemble" and "Edit Voice Parts" should therefore only be assigned to people who are responsible for the basic organization of the choir. These are typically board members or long-standing administrators.

The separation of these rights from other permissions is important to ensure the stability of the choir structure. A music librarian, for example, does not need rights to change ensemble settings, even if they have comprehensive rights for sheet music management. This clear separation prevents accidental changes to basic settings and ensures a stable organizational structure.

Technical Implementation in Detail

The restructuring of the permission system was one of the most extensive technical changes in Chorilo's history. Over several weeks, the entire backend was revised. Every single API endpoint had to be analyzed and equipped with the new permission checks. This affected not only the obvious areas such as member management or the cashbook but also many smaller functions that are not immediately associated with permissions.

Extensive adjustments were made to the frontend to dynamically adapt the user interface to the permissions of each user. Buttons, menus, and entire sections are only displayed when the user has the corresponding rights. This not only creates security but also a clean and clear user interface. Each user only sees the functions that are relevant to them.

Special attention was paid to backward compatibility. The mobile app, which is used daily by many choir members, had to continue functioning even if it had not yet been updated to the new permission system. This was achieved through intelligent fallback logic that connects the old role system with the new permission system. Existing installations continue to work seamlessly, while new versions can use the full capabilities of the new system.

Migration and Transition Phase

Such an extensive restructuring requires careful migration of existing data. All choirs already using Chorilo were automatically switched to the new system. The previous roles were converted into corresponding permission groups. Administrators received a permission group with all available permissions, moderators a group with extended rights, and regular members a group with basic rights.

This automatic migration ensures that no choir is affected by the restructuring. All existing structures are preserved and function as usual. At the same time, the new system opens up the possibility of gradually adjusting and refining permissions. Choirs can explore the new possibilities at their own pace and optimize their permission structure.

Managing Permission Groups

Permission groups are managed through an intuitive user interface in the administration area. New groups can be created here, existing groups can be edited, and members can be assigned to groups. The interface clearly shows which rights each group has and which members belong to it. This creates transparency and facilitates management even with more complex structures.

Particularly helpful is the ability to duplicate permission groups. When a new group is to be created that is similar to an existing group, it can simply be copied and adjusted. This saves time and reduces the risk of configuration errors. The management interface also offers a preview that shows which areas of the application are visible to members of a specific permission group.

Security and Data Protection

The new permission system contributes significantly to improving security and data protection. Through granular control over access rights, the principle of data minimization is consistently implemented. Each member only receives access to the data they actually need for their tasks. This minimizes the risk of data misuse and meets the requirements of the General Data Protection Regulation.

Permission checks are performed both in the frontend and in the backend. This ensures that no unauthorized access is possible even if the user interface is manipulated. Every API request is validated server-side before it is executed. This double protection creates a high level of security and effectively protects sensitive data.
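The server-side half of that double check, as an added example that is not Chorilo's code: the group names ("Treasurer", "Auditors", "External Helpers") are taken from the article, while the permission strings, handler names, and cashbook data are assumptions. Every handler declares the right it needs, and a request is refused before the handler runs, regardless of what the client interface displayed.

```python
from functools import wraps

# Group names come from the article; the permission strings are assumed identifiers.
GROUPS = {
    "Treasurer": {"cashbook.view", "cashbook.edit", "cashbook.delete"},
    "Auditors": {"cashbook.view"},
    "External Helpers": {"events.view"},
}


class Forbidden(Exception):
    """Raised when the caller lacks the permission an endpoint requires."""


def effective_permissions(group_names):
    """Union of the rights of every group the user belongs to."""
    perms = set()
    for name in group_names:
        perms |= GROUPS.get(name, set())  # an unknown group grants nothing
    return perms


def require(permission):
    """Decorator: check the permission on the server before the handler runs."""
    def decorator(handler):
        @wraps(handler)
        def wrapper(user, *args, **kwargs):
            if permission not in effective_permissions(user["groups"]):
                raise Forbidden(f"{handler.__name__} requires {permission}")
            return handler(user, *args, **kwargs)
        return wrapper
    return decorator


CASHBOOK = [{"id": 1, "amount": 120.0, "note": "concert tickets"}]  # constructed data


@require("cashbook.view")
def list_entries(user):
    return list(CASHBOOK)


@require("cashbook.edit")
def add_entry(user, amount, note):
    entry = {"id": len(CASHBOOK) + 1, "amount": amount, "note": note}
    CASHBOOK.append(entry)
    return entry


def try_call(handler, user, *args):
    """Return ('ok', result) or ('forbidden', reason) so denials can be logged."""
    try:
        return "ok", handler(user, *args)
    except Forbidden as exc:
        return "forbidden", str(exc)
```

An auditor calling `add_entry` directly, bypassing a hidden button, is rejected with the name of the missing right, which is also the value worth writing to an audit log.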

Outlook and Future Developments

The new permission system is not the end but the beginning of continuous development. The flexible architecture makes it possible to add additional permissions in the future when new functions are integrated into Chorilo. The foundation is laid for a system that can grow with the requirements of choirs.

Among other things, extended possibilities for time-limited permissions are planned. A concert organizer could, for example, receive extended rights for the duration of a project that are automatically revoked after the concert is completed. The possibility of linking permissions to certain conditions is also being discussed. This could mean, for example, that rights are only active when certain prerequisites are met.

Conclusion: A Milestone for Chorilo

The restructuring of the permission system was one of the biggest technical challenges in Chorilo's development. Over several weeks, the entire system was revised, tested, and optimized. The result is a flexible, secure, and future-proof system that can map the diverse requirements of modern choir management.

The true strength of the new system lies in its flexibility. Every choir can individually design its permission structure and adapt it to its specific needs. From small chamber choirs with simple structures to large concert choirs with complex organizational forms – the new permission system offers the right solution for everyone. It enables precise access control, promotes collaboration, and at the same time creates the necessary security for sensitive data.

This restructuring is a milestone for Chorilo and a commitment to continuous improvement. We listen to feedback from our users and continuously develop the platform further. The new permission system is an example of how technical innovation and practical requirements can come together to create a tool that makes choir work simpler, safer, and more efficient.
