Skip to main content

Permissions reference

A complete reference of every permission in Cubby — what it unlocks, and whether it applies at org level, facility level, or both.

This article lists every permission available in Cubby, what it allows, and how its scope changes depending on whether it is assigned at the organisation level or the facility level. Use it as a reference when building custom roles or troubleshooting access issues.

For how to assign permissions to users, see User Management and User Roles.

In this article:


Org level vs facility level

Every permission in Cubby is assigned at either the organisation level or a facility level:

  • Organisation level — the permission applies across all facilities in your organisation. Use this for administrators or managers who need the same access everywhere.

  • Facility level — the permission applies only to the specific facility it is assigned for. Use this to give a team member access at one location without granting it org-wide.

Some permissions can be assigned at either level — but their scope changes depending on which level they are granted at. These are called out explicitly in the Permissions that behave differently by level section below.

In the tables below, the Level column uses:

  • Org — only meaningful at organisation level

  • Facility — scoped to the assigned facility

  • Org or Facility ⚠️ — can be either; scope or behaviour changes by level (see bottom of article)


Core access

Permission

What it allows

Level

All permissions

Applies every permission listed in this article to the user in one step. Typically reserved for administrators.

Org

Can only read

Read-only access to Facilities and Pricing. Users can view rental and tenant data but cannot take any actions, except downloading reports.

Org or Facility ⚠️

Can manage facilities

The foundational permission for any Site Manager. Enables access to the core Facilities section: units, leads, rentals, auctions, merchandise, walkthroughs, payment history, and facility preferences. Required before most other facility-level permissions are useful.

Facility


Facilities & units

Permission

What it allows

Level

Can edit facility details

Edit the facility's general info, contact info, address and mailing details, operational hours, and marketing phone numbers.

Facility

Can edit units

Create, edit, or archive units.

Facility

Can edit rentability for vacant units

Change a unit's rentability status, but only when the unit is vacant and not reserved. Cannot manually set a unit to Reserved.

Facility

Can edit rentability for any unit

Change a unit's rentability to any state regardless of current occupancy. Supersedes the vacant-only restriction above.

Facility

Can add / remove unit overlock

Add and remove overlocks on units.

Facility

Can manage locks

Full lock management: add or bulk import locks, edit lock details, delete, view history, and mark locks as missing, available, or damaged.

Facility

Can use gate access page

Full access to the Gate Access page: edit tenant gate access codes, enable or disable access, and export the gate access table.

Facility


Rentals & leases

Permission

What it allows

Level

Can change rent rate

Change the rent rate on an existing lease or remove a scheduled rent change.

Facility

Can set custom rate

Set a custom rent rate during new lease creation or when transferring a tenant to another unit.

Facility

Can edit lease dates

Edit move-in, move-out, and unit transfer dates on a lease.

Facility

Can transfer prepaid balance

Transfer a tenant's prepaid balance between leases at the same facility.

Facility

Can edit imported balance

Edit a tenant's imported balances (outstanding, prepaid, deposit) that were carried over during migration from a previous system.

Facility

Can move unit to another auction

Move auctioned units that have not yet been settled to a different auction date, via Auctions > Move to another auction.

Facility

Can merge customers

Merge duplicate customer records into a single contact.

Org

Can manage delinquency exemptions

Add, edit, or delete delinquency exemptions on individual leases. Exemptions selectively pause automated delinquency actions — including delinquency fees, overlock, lien eligibility, and collections messages — for specific tenants.

Facility


Payments & billing

Permission

What it allows

Level

Can reverse payments

Refund credit card or ACH payments, or mark a payment as failed regardless of payment method.

Facility

Can waive charges

Waive any charge from a tenant's balance — fees, due rent, coverage, security deposit, and so on.

Facility

Can take partial payments

Process a payment for less than the full outstanding balance.

Facility

Can refund move-out balance

Approve or reject balance refund requests on move-out leases.

Facility

Can write off move-out balance

Write off an outstanding balance on a moved-out lease as bad debt, or approve/reject write-off requests from other users.

Facility

Can issue credit

Issue a credit to a tenant's account.

Facility


Pricing & rates

Permission

What it allows

Level

Can manage & analyze prices

Change rent prices on individual leases, manage standard rates on pricing groups, and view competitor pricing history and recommendations.

Org or Facility ⚠️

Can manage pricing groups

Create and edit pricing group details: name, size, rates, features, assigned discounts, and assigned units.

Org or Facility ⚠️

Can create/delete pricing groups

Create a new pricing group, or delete one that has no units under it and is not in use by the Storefront builder.

Org or Facility ⚠️

Can manage market competitors

Add or remove market competitors that power rate recommendations and competitor data in the Pricing section.

Org


Walkthroughs

Permission

What it allows

Level

Can perform walkthrough

Perform facility walkthroughs. During a walkthrough, the user can manage combination locks, apply or remove overlocks, change unit availability status, log tasks, and send preset walkthrough messages.

Facility

Can manage walkthrough preferences

Manage the facility's unit walkthrough order and the preset walkthrough messages.

Facility


Communications & calls

Cubby has four separate call-related permissions. They are often confused — see the callout below for how they work together.

Permission

What it allows

Level

Can send messages

Access to the Messages section. Allows reading and sending two-way messages or message templates to tenants at the assigned facilities. At org level, grants full access to all tenant conversations across all facilities.

Org or Facility ⚠️

Can handle calls

Provisions the user as an agent in the call centre (Spoke). Required for any team member who will be receiving inbound calls. Without this, the user will not appear in Spoke's call queue.

Facility

Can manage calls

Full access to the Calls section in Cubby (call queue, call records, AI scores, transcripts). Required to view and work with call history. Does not provision the user in Spoke — that requires Can handle calls.

Org or Facility ⚠️

Can supervise communications

Supervisor-level capabilities: monitor live calls and view team dashboards. Intended for managers overseeing call centre performance.

Org or Facility ⚠️

Can configure calls

Add and edit Voice AI configurations, IVR settings, and call centre configuration for the organisation.

Org

How the call permissions work together: A typical site manager answering calls needs Can handle calls (to receive calls in Spoke) and Can manage calls (to view call history in Cubby). A supervisor who monitors the team but does not personally take calls needs Can manage calls and Can supervise communications. Can configure calls is a separate admin-level permission for setting up Voice AI and IVR — most operators will not need it.


Reports & analytics

Permission

What it allows

Level

Can use reports page

Access the Reports page and run or download any available report.

Org or Facility ⚠️

Can schedule reports

Schedule reports for recurring automated delivery (e.g. daily email of a specific report).

Org or Facility ⚠️

Can view analytics

Access the Analytics section. At org level, shows data across all facilities. At facility level, shows data for the assigned facility only.

Org or Facility ⚠️

Can use GL mapping

Use the GL Export Mapping tool to customise how Journal Entry data maps to your organisation's general ledger accounts.

Org


Settings & configuration

Permission

What it allows

Level

Can edit facility/org settings

At org level: full access to the Settings section across the organisation. At facility level: limited edit access scoped to the facility's Preferences tab — document templates, facility details, message templates, discounts, and similar items.

Org or Facility ⚠️

Can edit users

Access to the Users tab under Settings. Enables adding and editing users, deactivating or reactivating users, managing their facility or org-level access, and duplicating access from one user to another.

Org

Can use storefront builder

At org level: full access to the Storefront Builder portal. At facility level: limited access to view and edit the Facilities, Pricing Groups, Collections, and Variants tabs in the Content section — scoped to the assigned facility only.

Org or Facility ⚠️

Can manage workflows

Create, edit, publish, unpublish, duplicate, and delete automation workflows.

Org


Inventory & merchandise

Permission

What it allows

Level

Can manage merchandise

Edit access to the Product Catalog (Settings > Merchandise) — creating and editing products, pricing, and facility assignments — plus access to the per-facility Inventory page. Covers both areas in one permission.

Org

Can manage inventory

Edit stock quantities and costs on the Inventory page for the assigned facility, and import/export that facility's inventory. Does not grant access to the Product Catalog — that requires Can manage merchandise at org level.

Facility

Can create manager specials

Create and sell manager specials directly from the Shop tab on a tenant's rental.

Facility


Permissions that behave differently by level

The following permissions are frequently misunderstood because their scope or behaviour changes meaningfully depending on whether they are assigned at org level or facility level.

Can edit facility/org settings

  • At org level: Full access to the entire Settings section — user management, communication templates, document templates, fee library, integrations, and all organisation-wide configuration.

  • At facility level: Limited to the facility's Preferences tab only — document templates, message templates, facility details, discounts, and similar facility-scoped items. Does not expose org-level settings.

Can use storefront builder

  • At org level: Full access to the Storefront Builder portal, including all facilities, portfolios, collections, pricing groups, and variants.

  • At facility level: View and edit access to the Facilities, Pricing Groups, Collections, and Variants tabs — but only for the specific facility assigned. Cannot manage portfolios or other facilities.

Can send messages

  • At org level: Full access to all tenant conversations in the Messages section, across every facility in the organisation.

  • At facility level: Access only to conversations with tenants at the assigned facility.

Can view analytics

  • At org level: Access to portfolio-level, organisation-level, and all facility-level analytics views.

  • At facility level: Access to the facility-level analytics view only for the assigned facility.

If a user has a permission at both org level and facility level, the org-level assignment takes precedence and grants the broader scope.


⏮️ Previous

⏭️ Next

Did this answer your question?