Roles & Permissions
Who can read, who can write, and who administers — at the organization and project level.
Primiso has two layers of roles: organization roles and project roles.
Organization roles
- Owner / Moderator — org admins. They can manage every project in the organization, publish resources, and manage members — without needing to be explicitly added to a project.
- Member — access to projects is controlled by explicit project membership.
- Viewer — read-only across the organization.
Project roles
Project membership grants access to a specific project's Resources. Read access (viewing Contexts, Instructions, Skills, etc.) is open to anyone with project access. Writing — creating, editing, publishing, or deleting a Resource — is reserved for org admins (owner/moderator) or an explicit project-manager-level role, rather than any project member by default.
Why writes are gated to admins
Since published Resources become the source of truth an organization's AI tools rely on, Primiso deliberately keeps the "who can make something official" circle small and explicit, even though reading and discussing draft work is open to the whole project team.