Security Overview

It's been a fine line to walk between simplicity and flexibility when it comes to Majestri's security model. After a couple of revisions, we think we've got the balance right.

This article explains the different levels of access in the Majestri system, from the committee down to members, and the controls available at each level that determine what people can access.

How It Works

The entry point into Majestri looks the same for everybody, and it starts at the login page. When somebody enters an email address and a password, we use the email address to identify who is attempting to log in, and then compare a one-way hash of the entered password with the hash that we have stored in our database. It's important to note that we don't store passwords in plain text anywhere.

Nowadays, it's a reasonable expectation that everybody have their own unique email address to interact with a system. Plenty of companies with a web presence mandate this, and we feel justified in doing the same.
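The check described above, as an added Python sketch (not Majestri's code). The page does not name the hash, so salted scrypt, the record layout, the status strings and the refusal to guess when two records share an address are all assumptions of this example:

```python
import hashlib
import hmac
import os

def derive(password, salt):
    # scrypt is this example's choice; the page only says "one-way hash"
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)

def make_record(email, password):
    salt = os.urandom(16)                  # per-user salt, stored beside the hash
    return {"email": email, "salt": salt, "hash": derive(password, salt)}

_DUMMY_SALT = os.urandom(16)

def login(records, email, password):
    """Return ('ok', record), ('denied', None) or ('ambiguous', None)."""
    key = email.strip().lower()
    matches = [r for r in records if r["email"].strip().lower() == key]
    if len(matches) != 1:
        # Do the same hashing work whether or not the address exists
        derive(password, _DUMMY_SALT)
        return ("ambiguous" if matches else "denied"), None
    rec = matches[0]
    # Constant-time comparison of the derived hash with the stored one
    ok = hmac.compare_digest(derive(password, rec["salt"]), rec["hash"])
    return ("ok", rec) if ok else ("denied", None)

# Constructed sample data: the last two records share one address
RECORDS = [
    make_record("coach@example.org", "correct horse battery"),
    make_record("family@example.org", "first-password"),
    make_record("Family@example.org", "second-password"),
]

if __name__ == "__main__":
    print(login(RECORDS, "coach@example.org", "correct horse battery")[0])
    print(login(RECORDS, "family@example.org", "first-password")[0])
```

The 'ambiguous' status is for internal handling and logging; a login page would show the same failure message for it as for 'denied'.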

Once we've validated the email address and password combination, we essentially make a decision whether this person should see the Control Room or not. The next sections in this document explain each of the security levels and whether they can see a Control Room.

Administrators

Administrators are the appointed royalty of a Majestri system. They have total administrative control over the system and will see the Control Room every time they log in.

Each club has one (and only one) central Administrators group, to which designated administrators can be added (only by other administrators). Tools to add and remove people from this group can be accessed via the Administration tab in the Control Room.

[Image: Control Room - Administrators]


Because there is no time limit placed on an administrator, we recommend that each club only has one person in the Administrators group. Otherwise, you always have to remember to remove people when they are no longer associated with the club, and forgetting to do so represents a security risk.

Ideally, if a single administrator is going to step down from the committee, then their last act should be to add in the new administrator and remove themselves from the group.


Committee Member

The Committee is our recommended way to model who can access the Control Room for the time that they're serving on a club committee.

There are a couple of benefits to modelling administrative access via the Committee as opposed to the Administrators group:

  • There is a time limit. When you create a committee in the system, there is an end point in the future where the privileges associated with somebody's role on the committee expire. Nobody needs to remember to revoke access when somebody steps down, as it will happen naturally in the system.
  • More granular control over access. An administrator has unfettered access - when you add somebody to the committee, you can control what parts of the system they have access to.
  • You can create more than one committee in the system. For a lot of clubs, this allows them to model sub-committees, which is a common requirement. As well as being a mechanism for granting access, each committee is a communications group in its own right.

For an overview on creating committees, adding people to committee roles, and controlling their access, please visit our designated guidance:

Event Coordinator

There are times when you would like somebody to run a club event, but you're not willing to add them to a committee and give them larger administrative access to the system. An example of this is if you have engaged a third party to run a Coaching Clinic or Holiday Camp. This is where the Event Coordinator is the right mechanism to use.

An Event Coordinator is assigned on a per-event basis. When somebody who has been appointed the coordinator of an event logs in, they see a very cut-down version of the Control Room. The only tabs they have access to are ones that contain current events that they are 'coordinating'. It should be noted that historical event coordinators lose that access once events are in the past.

For an overview on adding Event Coordinators and controlling what they can do, please visit our specific guidance:

  • Creating Event Coordinators

Team Official

After you've built your teams in Majestri for an event and assigned your coaches and managers, those team officials can log into Majestri and take operational control of the teams that they are in charge of.

When these people log in, they do not see the Control Room - only their MyDetails screen. For each team they have been appointed an official for, they will see a link that takes them to the respective Team Dugout. It is important to note that these links appear only for teams that have been created on an active event. Once an event is in the past, then access to those teams disappears.

For more information on building teams and appointing officials, please visit:

Joe Public

Anybody who has an email address recorded in Majestri against a user record can get themselves a password and log into the system. Anybody logging in who does not have any of the access described above will be presented with their MyDetails screen, which will contain only the information that applies to them in terms of active event registrations and a history of all financial interaction.
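The login decision that the sections above describe, as an added Python sketch (not Majestri's code). Every class, field and screen name is hypothetical, "active" is modelled as an end date that has not passed, and the order in which the levels are checked is an assumption:

```python
from dataclasses import dataclass, field
from datetime import date

# Hypothetical model: all names below are assumptions of this example.
@dataclass
class Committee:
    end: date                                      # privileges lapse after this date
    areas: dict = field(default_factory=dict)      # email -> set of permitted areas

@dataclass
class Event:
    name: str
    end: date                                      # event is "in the past" after this
    coordinators: set = field(default_factory=set)
    officials: dict = field(default_factory=dict)  # team name -> set of emails

@dataclass
class Club:
    administrators: set
    committees: list
    events: list

def resolve_access(club, email, today):
    """Decide the landing screen for an email that has already authenticated."""
    if email in club.administrators:               # no time limit, unfettered access
        return "control_room", ["*"]
    areas = set()
    for c in club.committees:                      # expired committees grant nothing
        if today <= c.end:
            areas |= c.areas.get(email, set())
    if areas:
        return "control_room", sorted(areas)
    active = [e for e in club.events if today <= e.end]
    coordinating = sorted(e.name for e in active if email in e.coordinators)
    if coordinating:                               # cut-down Control Room
        return "control_room", coordinating
    dugouts = sorted(t for e in active
                     for t, who in e.officials.items() if email in who)
    return "my_details", dugouts                   # team officials and Joe Public

# Constructed sample data
CLUB = Club(
    administrators={"admin@example.org"},
    committees=[Committee(date(2024, 12, 31), {"treasurer@example.org": {"Finance"}})],
    events=[Event("Holiday Camp", date(2024, 7, 12), {"coach@example.org"},
                  {"U10 Reds": {"manager@example.org"}})],
)

if __name__ == "__main__":
    for who in ("admin@example.org", "treasurer@example.org", "coach@example.org",
                "manager@example.org", "member@example.org"):
        print(who, resolve_access(CLUB, who, date(2024, 7, 1)))
```

Running the same lookups with a later date shows the point made above: the administrator's access is the only one that never lapses on its own.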

Troubleshooting

Because the system depends on the email address to uniquely identify somebody to us when they log in, problems can arise due to duplicate records or multiple people using a single email address. To resolve issues for yourself or other club personnel, please start with these resources:

Questions?

If you've still got questions on any aspect of Majestri's security model, chances are that they've been asked and answered previously. Please check for this on:
© Majestri Pty Ltd, Brisbane, Australia.