Permission Management
Configure user roles and permissions across your workspace. Understand role-based access control for enterprise teams.
5 min read
Updated 2/10/2026
DealView uses role-based access control (RBAC) to manage who can view, edit, and administer contracts and settings.
Role Overview
Built-in Roles
| Role | Description | Typical Users |
|---|---|---|
| Owner | Full control, billing access | Account creator |
| Admin | Manage users, settings, all contracts | IT admins, legal leads |
| Editor | Create, edit, delete own contracts | Legal team, contract managers |
| Viewer | Read-only access | Executives, auditors |
Enterprise Feature
Custom roles are available on Professional and Enterprise plans.
Role Capabilities
| Capability | Owner | Admin | Editor | Viewer |
|---|---|---|---|---|
| View contracts | Yes | Yes | Yes | Yes |
| Upload contracts | Yes | Yes | Yes | No |
| Edit contracts | Yes | Yes | Own | No |
| Delete contracts | Yes | Yes | Own | No |
| Manage folders | Yes | Yes | Yes | No |
| Invite users | Yes | Yes | No | No |
| Change settings | Yes | Yes | No | No |
| Manage billing | Yes | No | No | No |
| Delete workspace | Yes | No | No | No |
Permission Hierarchy
DealView permissions follow a hierarchy:
Workspace → Folder → Contract
How Inheritance Works
- Workspace permissions set the default for all content
- Folder permissions can restrict access within the workspace
- Contract permissions can further restrict specific items
Restrictive Only
Permissions can only become more restrictive down the hierarchy. A folder can't grant more access than the workspace allows.
Example Scenario
Workspace: All users can view
└── HR Folder: Only HR team can view
└── Salary Contract: Only HR Director can view
Managing User Permissions
Inviting Users
- Go to Settings > Team
- Click Invite Member
- Enter email address
- Select role
- Optionally restrict to specific folders
- Send invitation
Changing User Roles
- Go to Settings > Team
- Find the user
- Click the role dropdown
- Select new role
- Confirm change
Changes take effect immediately on next page load.
Removing Users
- Go to Settings > Team
- Find the user
- Click Remove
- Choose what happens to their content:
- Transfer to another user
- Keep in workspace (admin access)
- Delete (not recommended)
Content Ownership
When removing users, always transfer their contracts to ensure continuity.
Folder Permissions
Setting Folder Access
- Navigate to the folder
- Click Folder Settings (gear icon)
- Select Permissions tab
- Choose access level:
- Inherit - Use workspace defaults
- Restricted - Only specified users/roles
- Private - Only you and admins
Folder Permission Options
| Setting | Description |
|---|---|
| Inherit from workspace | Default workspace permissions apply |
| Specific users | Only named users can access |
| Specific roles | Only users with certain roles |
| Private | Hidden from all except owner and admins |
Nested Folder Behavior
Child folders inherit parent permissions unless explicitly overridden.
Sales (All editors)
└── Confidential (Only Sales Manager)
└── Pending Deals (Inherits: Only Sales Manager)
Contract-Level Permissions
When to Use
Use contract-level permissions for:
- Highly sensitive agreements
- Board-level contracts
- HR/personnel matters
- Confidential negotiations
Setting Contract Access
- Open the contract
- Click Settings (gear icon)
- Select Access tab
- Add or remove users/roles
- Save changes
Custom Roles (Enterprise)
Create roles tailored to your organization.
Creating Custom Roles
- Go to Settings > Roles
- Click Create Role
- Name the role (e.g., "External Counsel")
- Select permissions:
- Contract access levels
- Feature access
- Administrative capabilities
- Save role
Custom Role Examples
| Custom Role | Permissions |
|---|---|
| External Counsel | View assigned contracts, add comments |
| Department Head | Full access to department folder only |
| Auditor | View all, download reports, no edit |
| Contractor | View specific contracts, limited time |
Role Templates
Start from templates:
- Reviewer - Read and comment only
- Contributor - Upload and edit own
- Manager - Full access to specific folders
- Auditor - Read-only with export
Permission Best Practices
Principle of Least Privilege
Grant the minimum access needed:
- Start with Viewer role
- Upgrade to Editor when needed
- Reserve Admin for those who need it
- Limit Owner to account managers
Folder-Based Organization
Organize by access needs:
workspace/
├── All Company/ (Everyone)
├── Legal Team/ (Legal only)
├── HR Contracts/ (HR only)
└── Executive/ (Executives + Legal)
Regular Audits
Review permissions periodically:
- Check who has Admin access
- Review external user access
- Remove inactive users
- Verify folder permissions match needs
Common Permission Scenarios
Scenario: External Law Firm
Goal: Law firm reviews specific contracts
- Create "External Counsel" custom role
- Create folder for their contracts
- Set folder permissions to External Counsel role
- Invite law firm users with External Counsel role
Scenario: Department Isolation
Goal: HR can only see HR contracts
- Create "HR Contracts" folder
- Set folder to "Restricted"
- Add only HR team members
- Move all HR contracts to folder
Scenario: Read-Only Auditor
Goal: Auditor views all, edits nothing
- Invite auditor with Viewer role
- Grant workspace-wide view access
- Enable "Export Reports" permission
- Set time-limited access (Enterprise)
Troubleshooting
User can't see a contract?
- Check folder permissions
- Verify user role
- Look for contract-level restrictions
- Confirm user accepted invitation
User has too much access?
- Review their role assignment
- Check folder permissions
- Look for inherited permissions
- Consider custom role
Permission change not working?
- User may need to refresh page
- Clear browser cache
- Re-login if using SSO
- Contact support if persists
Audit Logs
Track permission changes:
- Go to Settings > Security > Audit Logs
- Filter by "Permission" events
- View who changed what, when
Available events:
- User role changes
- Folder permission changes
- Contract access modifications
- User invitations and removals