UsersConcepts
User Concepts
Core concepts behind user management in Rahal
User Concepts
This section explains the core concepts behind user management in Rahal.
Concept Overview
| Concept | Description | Learn More |
|---|---|---|
| User vs CompanyUser | Separate identity from membership | This page |
| Onboarding | How users join companies | Onboarding |
| Permissions | Role-based access control | Roles & Permissions |
User vs Company User
Rahal separates user identity from company membership:
| Entity | Purpose | Contains |
|---|---|---|
| User | Core identity | Email, password, name, phone |
| CompanyUser | Membership | Links user to company with a role |
This separation enables:
- Clean distinction between user credentials and company access
- Role-based permissions within the company
- Centralized authentication with company-scoped authorization
Each user belongs to exactly one company. Permissions are evaluated based on their role in that company.
User Status
Status States
| Status | Can Login | Visible in List |
|---|---|---|
| Active | ✅ | ✅ |
| Inactive | ❌ | ✅ |
| Deleted | ❌ | ❌ |
Status Transitions
Permission Inheritance
Every user has permissions from two sources:
Base Permissions (Always Included)
All company users automatically have:
| Permission | Capability |
|---|---|
| Book flights | Search and book flights |
| Book hotels | Search and book hotels |
| Manage travelers | Create and edit own travelers |
| Submit requests | Create booking requests |
| View bookings | See own booking history |
These cannot be removed — they are inherent to being a company user.
Role Permissions (Added by Role)
Additional permissions from assigned role:
| Role | Additional Permissions |
|---|---|
| Member | Base permissions only |
| Manager | Dashboard access, view all bookings, approve requests |
| Admin | User management, policies, budgets, roles |
User Information
Each user account stores:
| Field | Description |
|---|---|
| Unique login identifier | |
| Password | Securely hashed credential |
| Full Name | Display name shown throughout the platform |
| Phone | Optional contact number |
Each company membership stores:
| Field | Description |
|---|---|
| Company | Which company the user belongs to |
| Role | The role assigned within that company |
| Status | Whether the membership is active |
| Joined | When the user joined the company |
Traveler Ownership
Users own traveler profiles for booking:
- Each user can have multiple travelers (self, family, colleagues)
- Travelers have passport and document attachments
- Travelers are selected when booking travel
- The primary traveler is typically the user themselves
Detailed Concepts
Related Topics
- Roles & Permissions — How roles control user access
- Travelers — Managing traveler profiles
- Delegation — Booking on behalf of others