For MED-EL team review · Prepared by Coopers Digital · March 2026
Sourced from the current codebase (backend + frontend), extracted by Lucas Maieski (Coopers Digital). Translated to plain language for product review. Rows marked ⚠ indicate permissions that appear inconsistent or require confirmation. Updated 2026-03-12 with confirmed connection visibility matrix, messaging behavior, and CSV export fix.
Roles in this document
Candidate / Caregiver
member
Self-registered user — newly diagnosed, candidate for implant, or caregiver
Recipient
medel_user
Confirmed cochlear implant recipient
Mentor
mentor
Trained volunteer mentor
Area Manager
area_manager
Regional manager — oversees users and groups within an area
Super Admin
super_admin
Highest-privilege community governance role
Not included:administrator is a technical account used internally by Coopers Digital. It is not a MED-EL business role.
1 Connections
What the user can do
Candidate
Recipient
Mentor
Area Mgr
Super Admin
Browse community members
✔
✔
✔
✔
✔
Send a connection request
✔
✔
✔
✔
✔
Accept a connection request
✔
✔
✔
✔
✔
Decline a connection request
✔
✔
✔
✔
✔
Cancel a sent request
✔
✔
✔
✔
✔
View own connections list
✔
✔
✔
✔
✔
Connection requests auto-accepted (when sent to this role)
—
—
—
✔
✔
Who can see and connect with whom — confirmed from capabilities (can_see_connection_* / add_friend_*). Visibility and connection permission are symmetrical: if a role can see a target role's profile in the connections area, it can also send a connection request to that role.
This role…
Candidate
Recipient
Mentor
Area Mgr
Super Admin
Candidate
—
—
✔
—
—
Recipient
—
✔
✔
—
—
Mentor
✔
✔
✔
—
—
Area Manager
✔
✔
✔
✔
—
Super Admin
✔
✔
✔
✔
✔
Pattern: Each role can see all roles below it in the hierarchy, plus its own. Area Manager cannot see Super Admin; Candidate can only see Mentors.
2 Groups
What the user can do
Candidate
Recipient
Mentor
Area Mgr
Super Admin
Join a group
✔
✔
✔
✔
✔
Access private or hidden groups (as a member)
✔
✔
✔
✔
✔
Create a group
—
—
✔
✔
✔
View pending join requests
—
—
✔
✔
✔
Approve or decline join requests
—
—
✔
✔
✔
Edit group settings
—
—
✔
✔
✔
⚠ Candidate can only join global groups — area-specific groups are not available to them in the UI. This may be intentional (candidates are not yet assigned to an area), but should be confirmed.
3 Posts & Feed
What the user can do
Candidate
Recipient
Mentor
Area Mgr
Super Admin
Read posts in the feed
✔
✔
✔
✔
✔
Create a regular post
—
✔
✔
✔
✔
Create an FAQ post
—
—
✔
✔
✔
Create an institutional post
—
—
✔
✔
✔
Ask a question to mentors
✔
—
—
—
—
See and respond to mentor questions
—
—
✔
✔
✔
Edit own post
—
✔
✔
✔
✔
Edit any user's post (moderation)
—
—
✔
✔
✔
Delete own post
—
✔
✔
✔
✔
Delete any user's post (moderation)
—
—
✔
✔
✔
Pin a post in a group
—
—
—
✔
✔
Save a post
—
✔
✔
✔
✔
Like a post
✔
✔
✔
✔
✔
Translate a post
✔
✔
✔
✔
✔
Upload media (image / video) with a post
—
✔
✔
✔
✔
Note: Not all post types are visible to all roles — e.g. Candidate cannot see default feed posts; Recipient cannot see FAQ posts. Visibility rules should be reviewed separately.
4 Comments
What the user can do
Candidate
Recipient
Mentor
Area Mgr
Super Admin
Write a comment
—
✔
✔
✔
✔
Edit own comment
⚠
✔
✔
✔
✔
Delete own comment
⚠
✔
✔
✔
✔
Edit or delete any user's comment (moderation)
—
—
✔
✔
✔
⚠ Candidate cannot write comments but currently has edit and delete permissions on their own comments. This is inconsistent — if they cannot create comments, edit/delete serves no purpose. May reflect a legacy state or planned restriction.
5 Chat & Messaging
What the user can do
Candidate
Recipient
Mentor
Area Mgr
Super Admin
Send a direct message
✔
✔
✔
✔
✔
Receive a direct message
✔
✔
✔
✔
✔
Configure a welcome message (auto-sent on area connection)
—
—
—
✔
✔
Configure an automatic response message
—
—
—
✔
✔
Confirmed (Lucas Maieski, 2026-03-12): There are no role-based restrictions on messaging. Any authenticated user can send and receive messages — the only requirement is that the two users have an existing connection. A Candidate can message a Mentor only after a connection has been established.
6 Profile
What the user can do
Candidate
Recipient
Mentor
Area Mgr
Super Admin
View any member's profile
✔
✔
✔
✔
✔
Edit own profile
✔
✔
✔
✔
✔
Upload a profile photo
⚠
✔
✔
✔
✔
Manage notification preferences
✔
✔
✔
✔
✔
⚠ Candidate cannot upload a profile photo. This restriction is enforced in the backend. If Candidates are expected to have a visible profile, this should be revisited.
7 Administration
What the user can do
Candidate
Recipient
Mentor
Area Mgr
Super Admin
Access community settings panel
—
—
—
✔
✔
Access WordPress backend
—
—
—
✔
✔
View admin dashboard
—
—
—
—
✔
Manage community options
—
—
—
✔
✔
Send invitations to join the community
⚠
⚠
✔
✔
✔
Import translations (XLIFF / CSV)
—
—
—
✔
✔
Export member list as CSV
—
—
—
✔
✔
⚠ All roles can send community invitations — there is no capability check on the invitation endpoint, only a login requirement. Should Candidates and Recipients be able to invite external users?
Fixed (Lucas Maieski, 2026-03-12): CSV export is now restricted to roles with the export capability — Area Manager and Super Admin only. The backend check on user.export_csv was updated accordingly. Candidate, Recipient, and Mentor no longer have access.
⚠ Summary of anomalies
Section
Issue
Likely fix
1
Posts
Candidate cannot see default feed posts or create regular posts
Clarify intended Candidate experience in the feed
2
Comments
Candidate can edit/delete own comments but cannot create them
Either grant comment creation or remove edit/delete from Candidate
3
Profile
Candidate cannot upload a profile photo
Grant upload capability to Candidate if profile photo is expected
4
Administration
All roles can send community invitations — no capability check
Decide intended scope — likely Mentor+ or Area Manager+
6
Groups
Candidate can only join global groups, not area-specific ones
Confirm if intentional — candidates have no area assignment