Permissions

Accounts Permissions

User and Group permissions for managing account related information are:

Option Value Description
Configuration admin.configuration Gives the user access to the Configuration area of the admin.
    Accounts Configuration admin.configuration.accounts Gives the user access to the Accounts Configuration found inside the Accounts area of the admin.
Accounts admin.accounts Gives the user full access to the Accounts area of the admin.
    Create admin.accounts.create Gives the user access to Create user accounts and groups.
    Read admin.accounts.read Gives the user access to Read user accounts and groups.
    Update admin.accounts.upodate Gives the user access to Update user accounts and groups.
    Delete admin.accounts.delete Gives the user access to Delete user accounts and groups.
    List admin.accounts.list Gives the user access to Accounts area of the admin.

The possible values for the permissions are:

Option Value Description
Allowed true Allows action to be performed if there is no Denied permission at the same level.
Denied false Denies action from being performed. If user has both Allowed and Denied set, Denied permission wins.
Not set null No effect, but acts as Denied if no other rules apply.

Permissions set specifically for the user account take precedence over the group permissions. If the permission has not been set in the user account, access check will be performed against all the user groups the user belongs to. If any of the user groups have Denied the action, user has no permission for the action. Otherwise, if any of the user groups have Allowed the action, permission will be granted. If permission has not been set in any of the user's groups, Super User permission acts as universal Allowed, otherwise Denied will be applied.

Found errors? Think you can improve this documentation? Simply click the Edit link at the top of the page, and then the icon on Github to make your changes.