> ## Documentation Index
> Fetch the complete documentation index at: https://docs.calgest.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Roles and permissions

> How CalGest's role-based access control works.

CalGest uses roles to control what each team member can see and do. Every member of your organization is assigned a role, and that role determines their permissions.

## System roles

CalGest includes five built-in roles:

| Role         | Description                                                 |
| ------------ | ----------------------------------------------------------- |
| **Owner**    | Full access to everything. Cannot be reassigned or removed. |
| **Admin**    | Full access to all features and settings.                   |
| **Manager**  | Can manage customers, appointments, and view employees.     |
| **Employee** | Can manage appointments and create customers.               |
| **Customer** | Can only view their own appointments.                       |

<Note>
  System roles cannot be deleted. They are always available in your organization.
</Note>

## Permission matrix

Permissions are organized by resource and action. Here's what each role can do by default:

| Resource          | Owner | Admin | Manager | Employee     | Customer |
| ----------------- | ----- | ----- | ------- | ------------ | -------- |
| Appointments      | Full  | Full  | Full    | Full         | View own |
| Customers         | Full  | Full  | Full    | Create, View | —        |
| Employees         | Full  | Full  | View    | —            | —        |
| Appointment types | Full  | Full  | View    | View         | —        |
| Locations         | Full  | Full  | View    | View         | —        |
| Custom fields     | Full  | Full  | View    | View         | —        |
| Tracking          | Full  | Full  | Full    | View         | —        |
| Notifications     | Full  | Full  | —       | —            | —        |
| Settings          | Full  | Full  | —       | —            | —        |
| Roles             | Full  | Full  | —       | —            | —        |

## Customizing permissions

You can adjust the permission matrix for your organization in **Settings > Permissions**. This lets you fine-tune what each role can do for each resource.

Available actions per resource:

* **Create** — add new records
* **Read** — view records
* **Update** — edit existing records
* **Delete** — remove records
* **Manage** — full control (includes all of the above)
