👥 Roles & Permissions

Admin · R&D (npd) · QA · Factory · OPS · Purchasing · IT · Viewer. Each role edits a specific set of pages. Outside those pages, the role still sees data — just read-only.

Full access. Edits library, manages users, fixes anything. Currently the only admin is Caterina.

Owns: Recipes, Recipe Detail, Ingredients, Builds, Factory SOP (full edit), Branch SOP, QAS, Brands, Library, Safety Icons, Substitutions, Ingredient Requests. Drives the recipe lifecycle from Draft → In Review → Factory Trial. Hands off to QA + Factory at the gates.

Owns: QA, Builds, Branch SOP, Recipe Detail (QA fields), Substitutions, Ingredient Requests. Approves recipes for trial, sets shelf life (temporary + validated), captures lab results, signs the COA. Full Factory SOP edit access (same as R&D): generate SOPs, edit steps + method, manage hazards, and edit the Standard Blocks Library + Safety Icons catalog. Can't create recipes or schedule runs.

Owns: Production. Schedules runs, captures yields, marks complete. Assigns the Recipe ID at the Factory-Trial-Passed gate — the chokepoint between trial and prod-trial.

IT reads the portal for support and audit, but Recipes / Factory SOP / Branch SOP are hidden — formulations stay confidential. Otherwise behaves like Viewer (read-only, no edits).

OPS — branches-only (Branch SOP). Never sees factory pages.
Purchasing — Ingredients + Communications. Manages prices and supplier specs.
Viewer — read-only across the portal. Useful for execs, auditors, new hires.

Admin opens Users & Access from the sidebar and clicks + Add User on the Active Team card. Name, email, and role are set at creation — there's no approval queue.

Every user has an Access column on the Active Team table with toggles for Recipes / Builds / Prices / Cost / Branch SOP / Factory SOP. These per-user toggles override the role-level defaults — useful when one Factory user needs to see Cost while the rest don't.

The Access Control matrix at the bottom of the Users & Access page is collapsed by default. Open it to set what each role can see and do out of the box. Per-user toggles still override this when needed.