Role-Based Permissions

Not everyone on your project should see everything. The intern doesn't need delete access, the client shouldn't download unwatermarked originals, and the freelance editor doesn't need billing details. ReelStorage's permission system gives you 65+ individual controls to set this up exactly how you want.

Permission hierarchy

Tier 1: Platform level

System-wide permissions for platform administrators:

• Access all organizations
• Manage system settings
• View system analytics
• Manage all platform users

Tier 2: Organization level

9 organization-level permissions for owners and admins:

Project management

• Create projects
• Delete projects

Member management

• Invite members
• Remove members
• Manage roles

Settings and billing

• Manage organization settings
• View billing information
• Manage billing
• View organization analytics

Tier 3: Project level

36+ granular permissions organized by what people actually need to do:

Asset management

• View assets
• Upload assets
• Edit metadata
• Delete assets
• Download assets
• View only approved assets (a restrictive permission for external reviewers)

Tagging

• View tags
• Create tags
• Delete tags

Collections

• Create collections
• Edit collections
• Delete collections
• Share internally
• Share externally
• Manage members
• Create smart collections

Approval workflows

• View approvals
• Manage approvals

Distribution

• Create distribution links
• Manage distribution links

Project management

• Edit project settings
• Invite members
• Remove members
• Manage permissions
• Delete project

Analytics and audit

• View analytics
• View audit logs

Talent management

• Create talent access
• Manage talent access

Folder management

• Create folders
• Rename folders
• Delete folders
• Move assets

Image security

• Requires watermarking (restrictive)
• Watermark opacity (0.05 to 0.50)

Permission templates

Most people don't want to toggle 65 switches. Templates give you sensible defaults:

Viewer

Can browse content and create personal collections. Can't modify assets, tags, or project settings. Good for clients and stakeholders who just need to see the work.

Contributor

Can create and edit content, manage folders, upload assets. Can't manage members or change project settings. The right fit for photographers and editors doing daily work.

Manager

Full project management including member invitations and permission changes. Can't delete the project itself. For team leads and coordinators.

Custom

Pick and choose from any of the 65+ permissions. For when the standard templates don't match your workflow.

Collection-level permissions

When sharing collections, you control exactly what each person can do:

• Can view: Browse the collection and its assets
• Can edit: Add or remove assets, edit metadata
• Can share: Create share links for others
• Can manage: Full control including member management

Security features

Archive lockdown

When projects are archived or pending deletion, all write permissions are automatically disabled. Only read access remains. No one accidentally modifies archived work.

Watermarking control

Set per-user watermarking requirements with configurable opacity. External reviewers see watermarked versions. Internal team sees clean files. The system enforces this automatically.

Performance

Permission checks are optimized to stay fast even on projects with dozens of members and complex configurations. You won't notice latency.

Audit trail

Every permission-related action gets logged:

• Permission grants and revocations
• Role changes
• Member additions and removals
• Access attempts (both successful and denied)

Export these logs for compliance documentation, security reviews, or production insurance requirements.

Who this is for

Studio managers who need tight control over who sees what. IT administrators handling access for large production teams. Anyone managing a project where the wrong person downloading the wrong photo could be a real problem.