ATLAS
Contractor Role Management

Define custom roles, assign granular permissions, and control who on your team can access what. Inspired by Gusto, Rippling, and Linear workspaces.

1 View Roles
2 Create/Edit
3 Set Permissions
4 Assign Members
5 Audit & Analyze
1 Roles + Detail
2 Permissions + Members
3 Audit + Analytics
1 Role Management
2 Audit & Analytics
Roles
Team Roles Overview
9:41
Team Roles
5
Active Roles
12
Team Members
Admin
Full access to all features
2
All Permissions
SYSTEM
Manager
Team oversight, job and billing access
3
Jobs
Billing
Team
CRM
SYSTEM
Technician
Assigned jobs, time clock, photos
5
Jobs (view)
Time Clock
Photos
SYSTEM
Sales Rep
Leads, proposals, CRM access
1
CRM
Proposals
Leads
CUSTOM
Dispatcher
Route scheduling, dispatch board
1
Dispatch
Calendar
Jobs (view)
CUSTOM

RoleCardList, StatsGrid

useQuery(api.teams.contractorTeamQueries.listCustomRoles)

Create Role
9:41
Create Role
Role Name
Description
Color Label
Start from Template
Admin
Full access — 24 permissions
Manager
Team oversight — 18 permissions
Technician
Field work — 8 permissions
Sales
CRM & proposals — 12 permissions
Blank
Start from scratch — 0 permissions
Create & Set Permissions

CreateRoleForm, TemplateSelector, ColorPicker

useMutation(api.teams.contractorTeams.createCustomRole)

Permission Editor
9:41
Permissions
Field Supervisor 18 of 24 enabled
Jobs
5/5
Select All
View Jobs
See all job listings and details
Create Jobs
Post new jobs to the marketplace
Edit Jobs
Modify existing job details
Assign Technicians
Dispatch team to jobs
Complete Jobs
Mark jobs as finished
Billing
3/4
Team
4/5
Settings
2/4
CRM
3/3
Dispatch
1/3
Save Permissions

PermissionEditor, PermissionAccordion, ToggleSwitch

useMutation(api.teams.contractorTeams.updateCustomRole)

Permissions
Role Detail
9:41
Role Detail
Manager
System role · 3 members · 18 permissions
Assigned Members
Add
MJ
Marcus Johnson
marcus@acmeroofing.com
ACTIVE
SR
Sarah Rodriguez
sarah@acmeroofing.com
ACTIVE
DW
David Williams
david@acmeroofing.com
INVITED
Permission Summary
Jobs 5/5
Billing 3/4
Team 4/5
Settings 2/4
CRM 3/3
Dispatch 1/3
Edit Role
Delete

RoleDetailScreen, MemberList, PermissionSummary

useQuery(api.teams.contractorTeamQueries.getCustomRole)

Assign Members
9:41
Assign Members
Search team members...
3 selected Select All
MJ
Marcus Johnson
Currently: Manager
MGR
SR
Sarah Rodriguez
Currently: Manager
MGR
DW
David Williams
Currently: Technician
TECH
JT
Jake Thompson
Currently: Sales Rep
SALES
CP
Chris Patterson
Currently: Admin
ADMIN
TL
Tyler Lee
Currently: Technician
TECH
AM
Amanda Mitchell
Currently: Technician
TECH
KN
Kevin Nguyen
Currently: Dispatcher
DISP
Assign 3 to Field Supervisor

AssignMembersSheet, MemberCheckboxList

useMutation(api.teams.contractorTeams.bulkAssignRole)

Roles & Access
9:41
Roles & Access
7
Roles
12
Members
24
Permissions
Standard
Custom
Owner SYSTEM
All 24 permissions · 1 member
Admin SYSTEM
22 permissions · 2 members
Manager SYSTEM
18 permissions · 3 members
Dispatcher SYSTEM
12 permissions · 1 member
Crew Lead SYSTEM
10 permissions · 2 members
Worker SYSTEM
8 permissions · 5 members
Estimator SYSTEM
6 permissions · 1 member
Jobs
Dispatch
Billing
Team

RoleAccessList, PermissionBar, RoleCard

useQuery(api.teams.contractorTeamQueries.listPermissions)

Analytics
Audit Permissions
9:41
Audit Permissions
All Roles
Compare Two
Permission Admin Mgr Tech Sales Disp
Jobs
View Jobs
Create Jobs
Edit Jobs
Assign Techs
Complete Jobs
Billing
View Invoices
Create Invoices
Manage Payouts
Refund
Team
View Members
Invite Members
Manage Roles
Settings
Company Profile
Integrations

PermissionMatrix, CompareSelector, MatrixTable

useQuery(api.teams.contractorTeamQueries.getPermissionMatrix)

Role Analytics
9:41
Role Analytics
Members per Role
Admin
2
Mgr
3
Tech
5
Sales
1
Disp
1
Permission Usage Heatmap
Frequency of permission checks in last 30d
View Jobs
482
Edit Jobs
246
View Invoices
198
Assign Techs
87
Manage Payouts
52
Integrations
12
Manage Roles
8
Refund
3
Low
High
Recently Modified
Field Supervisor created
by Danny M. · 2 hours ago
Sales Rep — 3 permissions added
by Danny M. · Yesterday, 4:32 PM
Dispatcher — member assigned
by Danny M. · Feb 22, 2026
Technician — 2 permissions removed
by Noall S. · Feb 21, 2026
Access Log
View All
Permission denied: Refund
Jake Thompson (Sales) · Today 2:14 PM
Permission granted: Create Jobs
Sarah Rodriguez (Manager) · Today 1:45 PM
Permission denied: Manage Roles
Tyler Lee (Technician) · Today 11:20 AM
Permission granted: View Invoices
Marcus Johnson (Manager) · Today 10:08 AM

RoleAnalyticsDashboard, PermissionHeatmap, AuditTimeline

useQuery(api.teams.contractorTeamQueries.getRoleAnalytics)

Data Architecture

Convex Queries

  • contractorTeamQueries.listCustomRoles — all roles with member counts
  • contractorTeamQueries.getCustomRole — role detail + assigned members
  • contractorTeamQueries.listPermissions — permission catalog grouped by category
  • contractorTeamQueries.getPermissionMatrix — cross-role audit grid
  • contractorTeamQueries.getRoleAnalytics — usage stats, heatmap data
  • contractorTeamQueries.listMembers — team list with current roles
  • contractorTeamQueries.getAccessLog — permission check audit trail

Convex Mutations

  • contractorTeams.createCustomRole — name, desc, color, template, permissions
  • contractorTeams.updateCustomRole — edit role metadata + permissions
  • contractorTeams.deleteCustomRole — remove role (reassign members first)
  • contractorTeams.bulkAssignRole — assign multiple members to a role
  • contractorTeams.updateCustomRole — edit role permissions + metadata
  • contractorTeams.duplicateRole — clone role with new name

Key Tables

  • contractorCustomRoles — name, description, isActive
  • contractorPermissions — permission catalog (category, key, label)
  • contractorRolePermissions — role-permission junction table
  • contractorTeamMembers — user, roleId, status, joinedAt
  • contractorPermissionLog — access audit trail (grant/deny events)
  • contractorRoleHistory — change log for role modifications

Components

  • RoleCardList — scrollable role grid with stats
  • CreateRoleForm — name, desc, color, template inputs
  • PermissionEditor — accordion categories + toggles
  • PermissionAccordion — collapsible category with select-all
  • RoleDetailScreen — banner, members, permission summary
  • AssignMembersSheet — search + multi-select checkbox list
  • RoleAccessList — role list with permission coverage bars
  • PermissionBar — segmented bar showing category coverage
  • PermissionMatrix — audit matrix with compare mode
  • PermissionHeatmap — usage frequency visualization
  • AuditTimeline — role change history timeline
  • RoleAnalyticsDashboard — charts, heatmap, logs combined
  • ColorPicker — circle chip color selector
  • TemplateSelector — base role template chooser
Tablet — Master-Detail Views (3 Screens)
Roles Overview + Role Detail
9:41
Role Management
5
Roles
12
Members
All System Custom
Admin
Full access · 2 members
Manager
Jobs, bids, team · 3 members
Technician
Assigned jobs only · 5 members
Sales Rep
Leads, bids, CRM · 1 member
Apprentice
Custom · 1 member
Manager
System role · Created Jan 15, 2026
Manager Active
Members
3
Permissions
18/24
Last Edit
2d ago
Permission Summary
Jobs
Full
Bids
Full
Team
View
Finance
Read
Settings
None
Assigned Members
Sarah Chen
Added Feb 1, 2026
James Park
Added Jan 20, 2026
Tom Rivera
Added Jan 15, 2026
Permissions + Member Assignment
9:41
Edit Permissions
Manager Permissions
18 of 24 enabled
Jobs & Bids
View Jobs
Create Bids
Message Clients
Financial
View Revenue
Manage Payouts
Settings
Company Settings
Manage Roles
Assigned (3) Available (9)
Current Members
Sarah Chen
sarah@kowalskihvac.com
Manager
James Park
james@kowalskihvac.com
Manager
Tom Rivera
tom@kowalskihvac.com
Manager
Available to Assign
Maria Santos
Currently: Technician
David Kim
Currently: Technician
Angela Price
Currently: Sales Rep
Audit Log + Role Analytics
9:41
Audit & Analytics
Matrix Timeline
Permission Matrix
ADM
MGR
TECH
SALES
APPR
View Jobs
Create Bids
Revenue
Payouts
Team Mgmt
Settings
Members per Role
Tech
5
Manager
3
Admin
2
Sales
1
Custom
1
Recent Changes
Sarah Chen added to Manager
By Mike K. · 2 days ago
Technician: removed billing access
By Mike K. · 5 days ago
Apprentice role created
By Mike K. · 1 week ago
Security Score
92%
Overall
100%
Least Privilege
83%
Separation
100%
No Orphans
Web — Dashboard Views (2 Screens)
Role Management — Dashboard
https://app.3bids.io/contractor/team/roles
3Bids
Team
Roles ⌘1
Members ⌘2
Permissions ⌘3
Audit Log ⌘4
Analytics ⌘5
MK
Mike Kowalski
Contractor
Settings ⌘,
Role Management
Search roles...
5
Roles
12
Team Members
92%
Security Score
24
Permissions
Admin
System
2 members24/24 perms
Manager
System
3 members18/24 perms
Technician
System
5 members8/24 perms
Permission Matrix
Permission
Admin
Manager
Tech
Sales
Apprentice
View Jobs
Create Bids
View Revenue
Manage Payouts
Company Settings
Role Management — Audit & Analytics
https://app.3bids.io/contractor/team/roles/audit
3Bids
Team
Roles ⌘1
Members ⌘2
Permissions ⌘3
Audit Log ⌘4
Analytics ⌘5
MK
Mike Kowalski
Contractor
Settings ⌘,
Audit & Analytics
7D30D90DAll
Members by Role
Tech
5
Manager
3
Admin
2
Sales
1
Custom
1
Security Compliance
92
score
Security Score
Industry avg: 74%
Excellent
100%
Least Privilege
83%
Separation
Recent Audit Log
Sarah Chen added to Manager
Role assignment by Mike Kowalski
Member
Success
2 days ago
Technician: removed billing access
Permission change by Mike Kowalski
Permission
Success
5 days ago
Apprentice role created
Custom role by Mike Kowalski
Role
Success
1 week ago
Tom Rivera moved Tech to Manager
Role transfer by Mike Kowalski
Member
Success
2 weeks ago
Least privilege principle
Each role should have only the permissions needed for that function. Review the matrix regularly to ensure no role has excess access.