Key concepts include:
Separate Office and Road access
Four permission levels (None, View, Edit, Full)
Role templates with optional individual customization
Dedicated driver app permissions
Operational separation between dispatch, billing, and driver workflows
Understanding how these permissions interact is critical for properly configuring user access, troubleshooting login issues, and maintaining operational security.
Create roles for your entire company for quick and easy permission granting.
Click the gear icon in the upper right corner to get to 'Account Settings'
On the left, select 'Users'
Then, click 'Roles'
To add a new role, click the [+ Add] box in the upper right corner of the page
Permissions
1. To set the global permissions for the role, click 'Permission'.
2. For office staff, click select 'Office', make sure 'Activate Office Login' is toggled ON.
3. For drivers, select 'Road', make sure 'Activate Road Login' is toggled ON.
4. Once permissions have been customized, click the blue [Save] button on the bottom right corner of the screen.
To assign the Role to a User:
On the left panel, click 'People' (under Users).
Select the user you'd like to update (or when creating a new user), click the drop down that says 'Role' and select the role you'd like to assign to the user.
If desired, permissions can be further customized at the employee level. Simply click 'Profile' while viewing the user's profile.
Click 'Save' once finished.
This guide explains how user permission levels work throughout the platform, including expected behavior for each permission level and known exceptions discovered during testing.
The platform uses four primary permission levels:
Permission Level | Description |
None | No access to the feature or setting |
View | Can view settings and information but should not be able to make changes |
Edit | Can modify existing settings and records |
Full | Full administrative access including create, edit, and delete |
Standard Permission Behavior
View Access
Users with View access are expected to:
View settings
View records and configurations
See which profiles or users have permissions
Users with View access should not normally be able to:
Create new records
Modify existing settings
Delete records
Edit Access
Users with Edit access are expected to:
View all related settings
Modify existing settings and records
Update configurations
Users with Edit access should not normally be able to:
Delete records
Create entirely new records unless specifically allowed
Full Access
Users with Full access are expected to:
View settings and records
Edit existing records
Create new records
Delete records
Fully administer the feature
Important Global Notes
Customer Manager Dependency
Some settings may not be accessible unless the Customer Manager permission is enabled with at least View access on the related Service Category.
Reset Password Requirement
The Reset Password permission must be enabled for users to reset their own passwords.
If this permission is disabled:
Users cannot perform self-service password resets
Password reset functionality may appear unavailable even if other user permissions are enabled
"None" Access Error
Setting a user permission to None may generate an error message. During testing, this error did not appear to cause functional issues.
Known Permission Exceptions and Edge Cases
The following behaviors were observed during testing where actual system behavior differed from expected behavior.
Settings Permission Exceptions
View Access Exceptions
Permits
Users with only View access to Permits were still able to:
Create new permits
Toggle permits on and off
Change customer portal color schemes
This behavior exceeds normal View-level permissions and should be reviewed.
Edit Access Exceptions
Business Lines → Attributes
Users with Edit access could not:
Edit certain Business Line Attributes
Tags
Users with Edit access were able to:
Create new Tags
This behavior exceeds expected Edit-level permissions.
Permits
Users with Edit access were able to:
Create new Permits
This behavior exceeds expected Edit-level permissions.
Zones → Pricing Zones
Users with Edit access could not:
Activate Pricing Zones
Deactivate Pricing Zones
Zones → Tax Zones
Users with Edit access could not:
Change the default Tax Zone
Deactivate Tax Zones
Billing → General
Users with Edit access could not:
Change Payment Terms dropdown values
Modify payment term days
Billing → Customer Billing Profiles
Users with Edit access could not:
View detailed profile information
Change default billing profiles
Full Access Exceptions
Even with Full access, the following restrictions were observed.
Business Lines → Attributes → Materials
Users with Full access could not:
Edit associated material colors
Business Lines → Attributes → Actions
Users with Full access could not:
Add new Actions
Business Lines → Attributes → Methods
Users with Full access could not:
Add new Methods
Billing → General
Users with Full access could not:
Edit Payment Terms
Edit Payment Term days
Roles Permissions
Testing showed that:
Edit access and Full access for Roles produced the same results
This may indicate:
Missing permission separation
Shared backend permission logic
An unfinished permissions implementation
User Permissions
User → Skills
Users with Edit access could not:
Deactivate Skills
Invoice Group Permissions
Users with only View access to Invoice Groups were still able to:
Create an Invoice Group
Edit Invoice Group names
Download all invoices
Email invoices
Email unpaid invoices
Generate bulk print data
Remove invoices
Send invoices
Post invoices
Delete invoices
These capabilities exceed expected View-level access.
Payment Group Permissions
Users with only View access to Payment Groups were still able to:
Create a Payment Group
Edit Payment Group names
Remove payments
Download all receipts
Regenerate receipts
Email payment receipts
These capabilities exceed expected View-level access.
Work Order Review Permissions
Users with only View access to Work Order Review were still able to:
Edit filters including:
Start date
End date
Routes
Actions
Invoice Permissions
Users with only View access to Invoices were still able to:
Send invoices
Post invoices
Add invoices to Invoice Groups
Delete invoices
These actions typically require Edit or Full access.
Hauler Hero Permissions Guide
Overview
Hauler Hero permissions are designed around role-based access control with optional per-user overrides. This system allows companies to create standardized roles while still supporting individual exceptions when needed.
This article explains:
How permissions are structured
The difference between Office and Road access
Permission levels and what they mean
Every major permission category
Driver app permissions
Common role setups used by customers
Understanding the Permission System
Hauler Hero permissions work across three layers:
Layer | Purpose |
Concept | What users experience and can access |
Configuration UI | Where admins configure permissions |
Code / Backend | What the permission actually controls internally |
All three layers are aligned, meaning the permissions users see in the UI directly map to backend permission checks.
Role-Based Permissions
Permissions are primarily managed through Roles.
A role is a reusable permission template assigned to one or more users.
Examples include:
Driver
Dispatcher
Controller
Office Assistant
Admin
Roles are created once at the company level and then assigned to users as needed.
Where Roles Are Configured
Navigate to:
Account Settings → Users → Roles
Per-User Permission Overrides
After assigning a role, administrators can optionally override permissions for a specific user.
This is done by enabling:
Change Individual Permissions
on the user's Profile tab.
This allows administrators to:
Keep the original role intact
Modify only the permissions needed for that individual user
Where Individual Overrides Are Configured
Navigate to:
Account Settings → Users → People
Office vs Road Access
Hauler Hero supports two separate login environments:
Access Type | Purpose |
Office | Hauler Hero web platform |
Road | Driver mobile application |
Each role can independently allow one or both.
Office Access
OFFICE_PERMISSION = 100
Office access allows users into the Hauler Hero website, including:
CRM
Billing
Dispatch
Customer management
Settings
Reporting
Typical Office users include:
Dispatchers
Controllers
Office staff
Administrators
Road Access
ROAD_PERMISSION = 101
Road access allows users into the Driver mobile app on Android tablets.
Typical Road users include:
Drivers
Field operators
Common Login Error
A common issue occurs when a driver attempts to log into the website instead of the Road app.
The error usually appears as:
Permission Denied for → read, 101
This means the user has:
Road access enabled
Office access disabled
The user can log into the mobile app but not the website.
Permission Levels
Each permission category uses a four-level access ladder.
Level | Description |
None | Feature hidden entirely |
View | Read-only access |
Edit | Read + modify access |
Full | Read + modify + delete/admin access |
Backend Permission Values
Internally, permissions use numeric values.
Backend Values
Level | Value |
None | 100 |
View | 200 |
Edit | 300 |
Full | 400/500 |
Legacy Frontend Values
Some frontend areas still reference older constants:
Level | Value |
None | 100 |
View | 101 |
Edit | 102 |
Full | 103 |
Although the values differ, the permission behavior is the same.
Permission Categories
The backend source of truth comes from the UserFeature.java enum.
Below are the primary permission categories currently used throughout Hauler Hero.
Settings & Administrative Permissions
SETTINGS
Controls access to business configuration settings.
Typical abilities include:
Modifying tenant settings
Updating business configuration
Managing operational defaults
PERMISSIONS
Controls the ability to manage roles and permissions themselves.
Typical abilities include:
Creating roles
Editing roles
Assigning permission levels
USER
Controls user management access.
Typical abilities include:
Creating users
Editing users
Managing employee accounts
Important Note
Users generally must have at least:
Full USER access
Otherwise they may encounter:
Permission Denied 101
even if other related permissions are enabled.
RESET_PASSWORD
Controls password reset functionality.
Typical abilities include:
Resetting passwords for other users
Billing & Finance Permissions
BILLING
Controls access to the Billing module.
CUSTOMER_BILLING_PROFILE
Controls customer-specific billing setup.
Typical abilities include:
Managing billing profiles
Configuring customer billing defaults
INVOICES
Controls invoice access.
Typical abilities include:
Viewing invoices
Editing invoices
Managing invoice lifecycle
POST_INVOICES_PAYMENT
Controls posting payments against invoices.
PAYMENTS
Controls overall payment management.
Typical abilities include:
Viewing payments
Managing payment records
APPLY_PAYMENTS
Controls applying payments to specific invoices.
LOCK_DATE
Controls accounting lock periods.
Typical abilities include:
Locking accounting periods
Preventing changes after close
PRICING_MANAGER
Controls pricing rule management.
Typical abilities include:
Managing pricing structures
Updating pricing rules
CONFIGURED_SERVICE_PRICE
Controls per-service pricing at the customer level.
Operations Permissions
SERVICE
Controls service definition management.
Typical abilities include:
Creating services
Editing service configurations
CUSTOMER_MANAGER
Controls access to customer management.
Typical abilities include:
Viewing customers
Editing customer records
Managing customer operations
ROUTE_MANAGER
Controls route and dispatch functionality.
This is the primary operational surface used by dispatch teams.
Typical abilities include:
Route management
Dispatch scheduling
Route editing
Driver App Permissions (Road App)
The Road App has its own permission structure separate from Office permissions.
Permissions are organized into three areas:
Display
Data Capture
Permissions
Display Permissions
Display permissions control what information drivers can see inside the mobile app.
Examples include:
Show Miles on Route List
Work Order visibility
Route Information visibility
These are generally toggle-based settings.
Data Capture Permissions
Data Capture permissions define how drivers interact with operational events.
Each event type can be configured with one of four behaviors:
Option | Behavior |
Expand | Driver can expand and interact |
Complete | Driver is required to complete |
Skip | Driver may skip |
None | Hidden entirely |
Supported Event Types
Current event types include:
Safety
Delay
No Access
Damage
Overloaded
Extra Item
Special
Contamination
Service Review
Weight
No Payment
Not Out
Camera
Signature
Note
Serial Number
Road App Operational Permissions
The mobile app also supports additional permission categories using:
None
View
Edit
for the following areas:
Permission | Purpose |
Customer Information | Customer visibility |
Trucks | Vehicle access |
Route | Route editing/access |
Auto-Complete | Route auto-completion |
Timer | Driver timing controls |
Common Customer Role Structures
Below are common permission setups observed across customer environments.
Driver
Typical configuration:
Road access only
No Office access
Used for:
Drivers
Field operators
Dispatcher
Typical configuration:
Office access enabled
Full Route Manager access
Full Customer Manager access
Dispatchers often handle:
Routing
Scheduling
Customer coordination
Example:
At one customer tenant, a dispatcher named Brandon handles approximately 90% of incoming calls and dispatch operations.
Controller
Typical configuration:
Office access enabled
Full billing and finance permissions
Controllers commonly manage:
Invoicing
Payments
Accounting workflows
Office Assistant
Example configuration observed at Patriot Management:
Allowed Access
Password resets
Invoice viewing
Restricted Access
No settings access
No pricing access
Cannot enter payments
This role is commonly used for front-office administrative staff.
Admin
Typical configuration:
Full access across all modules
Full Office permissions
Full administrative control
Admins can generally:
Manage users
Configure permissions
Access billing
Configure pricing
Modify operational settings
Manage dispatch