Project Permissions & Access
ClientCove enforces project access at three layers: role capabilities, client assignment, and project membership. Knowing how these stack determines who sees what.
Capability Matrix
| Capability | Who Has It |
|---|---|
| View any project | Administrator, Editor |
| View own client's projects | Client roles assigned to that client |
| View own authored projects | Client users not assigned to a client |
| View assigned-only projects | Representative role (filtered to their client list) |
| Create projects | Administrator, Editor, Representative |
| Edit project (any) | Administrator, Editor |
| Edit project (member) | Project members with edit permission |
| Manage project team | Administrator, Editor |
| Delete project files | Administrator, Editor |
| Archive / restore | Administrator, Editor |
| Permanent delete | Administrator, Editor |
| See category sidebar | Administrator, Editor, Representative |
| Manage categories | Administrator, Editor |
| Manage templates | Administrator, Editor |
How Client Visibility Works
When a logged-in user opens the Projects index, the list is filtered as follows:
Admin / Editor
Sees every project across every client. The full Projects table loads with no filtering.
Representative
Sees projects for clients they're assigned to. The category sidebar appears so they can filter further.
Client roles (client_basic, client_standard, client_billing, client_admin, plus author/contributor)
- If assigned to a client (via the user's
assign_to_clientfield): sees every project where that client is set as the project's client - If not assigned to a client: sees only projects they personally authored
Anyone else
Sees nothing in the projects list. Direct project URLs return access denied.
Project Members vs Client Visibility
These are two different mechanisms:
| Client Visibility | Project Membership | |
|---|---|---|
| Set on | The user (assign_to_client) and the project (the_client) | The project (the_user field via Manage Members modal) |
| Effect | Shows the project in their Projects index | Adds avatar to toolbar, includes in Team tab, surfaces in dashboards |
| Required to view? | Yes for client users | No |
A client user assigned to Acme Corp sees all of Acme's projects, even ones they're not personally a member of. Adding them as a project member just promotes them to the team.
Required Purchase (Paywalls)
A project can be locked behind a product purchase — useful for paid templates, training programs, or course-style engagements.
Setting it up
In the project's edit screen (WordPress admin), set the Required Purchase field to a product.
Behavior
| Visitor State | What They See |
|---|---|
| Logged out | "Purchase Required" notice + link to product |
| Logged in, no entitlement | Same notice |
| Logged in with entitlement | Normal project workspace |
| Admin / Editor | Always normal access (bypasses paywall) |
Entitlement is verified per-request via check_user_has_access().
Templates Permissions
Templates use a slightly different permission model:
- View templates library: Administrator, Editor only
- Create / edit / clone / archive templates: Administrator, Editor
- Use templates (in Create Project modal): Anyone with project create permission
- Templates have no client filter: Templates are admin tools, not client-facing
Clients never see the Templates view, the templates library, or template categories.
Trash & Permanent Delete
Archive (soft action)
Archived projects are hidden from the active list and from clients. Recoverable from the archived view. See Archive & Restore.
Permanent delete
Administrators and Editors only. From the archived view, select projects and click Permanently Delete. This:
- Removes the project post entirely
- Detaches but does not delete underlying media library files
- Removes activity log entries
- Removes per-card data and comments
- Is irreversible
Permanent delete cannot be undone. Public links to permanently deleted projects start returning 404 immediately. If there's any chance you'll need the project again, leave it archived — there's no time limit on restoration.