User roles give way too much permission (Urgent)


#1

I added the word “urgent” to this request because we cannot give any company a ‘reporting’ role until you remove the recordings from their permissions. They cannot be allowed to listen to personal information being discussed on the call. Please, urgently, do something about this. We cannot give any company access, period.

From what you can see, to what you can do, the user permissions for a user with a ‘reporting’ role gives WAY too much power. They can see too many features, change too much, and are allowed more permission than they should be allowed. It should literally be ‘reports’, and that’s it, just how the role is labeled. (not listening to calls, text conversations, or anything else for instance) It’s kind of crazy that someone thought a ‘reporting’ role should have access to this stuff. We’re giving third-parties access to view call reporting, not listen to our calls or have access to other features via a “Reporting” role. Is that even legal, are we liable for sharing these calls? This is something I really hope you fix asap.

Ideally, we should be able to use ‘default’ permissions for a Reporting or Manager role, or add/remove permissions and make the role a little more custom.


#2

Hi @Scotte,

Thank you for your requests! I’m working my way through them but wanted to address this one first. I hope to be able to understand your need more clearly. Are you familiar with the Notification user? The Notification can receive emails with full call logs and daily or weekly stats for your account, but cannot log into CallRail. Would this be more in line with the data you are looking for your 3rd Parties to have access to?

I do understand your frustration with the naming of the Reporting user. While our intention is to meet everyone’s needs with the user roles, there are scenarios where our predefined roles don’t fit a customer’s exact needs. The more information about your needs we gather, the better we can consider the current roles and any future roles we may add.

Thank you again for your request and for being a member of our community and a CallRail customer.
Christina


#3

Hi Christina,

I just discovered another issue related to this same permissions based problem with regards to call recordings, please help get this request done :pray:

Our agents can listen to everyone else’s call too. If someone has permission to call recordings (which is everyone except a ‘notifications’ user) then you have access to every agent’s call recordings, not just your own. This is normally not desirable.

A way to kill two birds with one stone here when it comes to permissions for listening to call recordings per my earlier request and this one, is by adding a check-box or selection option when assigning a role to a user that provides two options:

  • This user has permission to listen to all call recordings
  • This user has permission to listen to their own call recordings (default)

This way, if we give access to a company with a reporting role, they will be given a default role of “This user has permission to listen to their own call recordings”. Because the company is not an agent who has any recorded calls, they simply wont have access to any call recordings. (hence, killing two birds with one stone–my first part to this request and this one)

This fixes the issue of third-party companies listening to all our call recordings, and also allows us to not have agents listening in on other user’s calls either unless we want them to.

If adding a selection option to an existing role is a hassle, then give them an alternative which is two more roles: “Has access to all call recordings” or “Has access to their own call recordings”. If the system is built how I think it might be, then this could possibly save some UI changes.

Can we please do what it takes to get this to the top of the priority list? Assuming the developers built this system with all permissions to various functions pre-installed, this should actually be a very quick thing to do. I would say less than 48 hours to get into your testing environment. We built a massive enterprise system for our company where every piece of minor or major functionality was pre-built with the ability to add permission restrictions to it…and I would assume your programmers followed the same standards when building your system. (very common practice nowadays)

This means that it’s ready to go—that the recordings already have the ability to add or change permission restrictions. It’s just a little programming time (a day) and an interface update for the check boxes / selection option (few hours). This, should not take more than 48 hours to get on your test site for user testing. (Btw, don’t mention the timeframe I just gave you to the programmers–they hate that lol…even though it’s most likely true.)

It would add tremendous value, flexibility, and comfort to your users (us).


#4

I agree that it would be very useful to have two roles with more limited permissions. Such as:

  • A Caller role - only able to see / hear their own phone calls and numbers assigned to this user
  • A Supervisor role - able to hear or jump into Caller role calls, but not able to have the higher manager level capabilities

It would also be useful to be able to demote a user’s permission levels instead of having to delete the user entirely, if the user has more power than initially desired.


#5

Thank you both for the discussion on this topic!

@Scotte I would love to learn more about your specific business and how your agents use CallRail. You have great ideas and hearing your use of CallRail in more detail would be beneficial for us to help prioritize this request. Please feel free to email me at christina.bourne@callrail.com.

Thank you!
Christina