How to configure user roles and permissions

Overview and availability

In BEE version 2.3 we introduced a new concept in our email editor: the idea that some content may be editable by some users and not others. For example, you may want the header and footer section of an email newsletter to be locked, so that it cannot be inadvertently modified when creating the latest version of your weekly news digest.

Internally, we've been calling this feature "Restricted editing". Others refer to it as "locked regions", "blocked content", and more.

To allow for this, we created ways for the application hosting the editor to define user roles and set their permissions. Let's take a look at how the feature works first and then show you how to configure your instance of BEE to take advantage of it.

Available on BEE Plugin paid plans only.

A closer look at user roles and permissions

The user roles that you create (e.g. Brand Manager, Senior Editor, Junior Editor, etc.) can have different permissions. You can create as many or few user roles as you wish. The permissions that you can assign to them are:

  • Can lock rows (if active, all other permissions are granted)
  • Can lock modules
  • Can edit locked rows
  • Can edit locked modules

For example, a Brand Manager all four permissions checked, whereas a Senior Editor might have editing access to rows and modules, but won't be able to lock rows and modules. Let's take a look at a few scenarios.


Locking a row

If your user has this permission, locking a row is very easy to do. Simply select the row you'd like to lock and click on the lock/unlock radio button.

If on the other hand you don't have this permission, you'll see an error message notifying you the row can't be edited:

Likewise, you wont be able to drag & drop any content blocks on the locked row, as we can see:


Editing a locked module

Typically an Editor or similar user role has the permission to edit locked content, in this case a locked module. This is especially useful when you want your users to have editing access to the content but not the module or the layout of the message itself. They can just focus on the text, images, and other type of content and not worry about making changes to the layout.

For example, we can have a locked social media module that's editable. Your users can edit the contents of the social media module by adding/updating the social media buttons, but wont be able to delete or move the social media module:


Creating roles in the developer portal

Log into the BEE Plugin developer portal and click on Manage roles under Application configuration for the selected application:

In the Manage Roles section you'll be able to create different user roles and set their permissions. For example, your user roles could be Brand Manager, Account Manager, Junior Editor, etc depending on your needs and nomenclature. For each user role you create, you can set and restrict editing permissions, such as the ability to lock or edit rows and content blocks, as you can see below:

Once you create your user roles you'll be able to see them listed:


How to use the Role Hash parameter

While Role Name is a friendly description of that user role, Role Hash is the parameter that identifies that particular role in BEE Plugin. It must be an alphanumeric string between 8 to 30 characters: it can contain letters and numbers, but cannot contain spaces or special characters (such as "-", "_", etc.).

The property name is: "roleHash".

For user roles to become active in the editor, you will need to add this new property to your BEE Plugin configuration when you configure the editor for a specific user. You will pass:

roleHash: "roleSpecified"

for each of the user, depending on its role. For example, if the Role Hash for a "Junior Editor" is "juniorEditor", the plugin configuration will include:

roleHash: "juniorEditor"

Please refer to Configuring the editor for more details.


How roles and permissions affect tasks in the editor

We created a page that attempts to map out how different combinations of user permissions affect what those users can actually do in the BEE editor. Check it out.

Have more questions? Submit a request


  • Avatar

    I am curious where the "locked regions" are specified? I know when you start the BEE Plugin you need to feed in a JSON file for the layout. If the locked regions info are stored in that JSON file, it's are the risk of being tampered since it's client side file. In other words, if by looking at the JSON layout file I can tell what sections of the template are marked as locked, then I might be able to play with it and unlock those sections?