Understanding Roles and Permissions
The permissions function allows the system administrator/manager to control the actions that each user can perform within Graffiti. The roles function allows you to assign the functions available Graffiti users.
There are a few concepts you need to understand about how permissions and roles work:
- Users - Users are your Graffiti registered users.
- Roles - Roles organize individual users so you, as an administrator, can assign functions to individual users.
- Permissions - Permissions are the functions granted each role.
When you as system administrator create user accounts, you assign each a role to the user. Graffiti supports 3 pre-defined roles with default permissions but you can create as many additional roles as you need.
The pre-defined roles include the following:
| Role | Description | Default Permissions |
| Manager | Has read/write/publish permissions in Graffiti. |
|
| Contributor | Has read/write permissions only. |
|
| Everyone | Has only read permission for Graffiti site content. |
|
If you do not assign a role to the user, Graffiti automatically assigns the Everyone role to that user.
You can customize additional roles as well and assign them the permissions you want: read, write, and publish. In addition to the permissions you assign the role, you can also specify which of your categories you want to assign the role. For example, if you have a category called New Lights, you may want to assign a manager role to only the New Lights category. You can give your New Lights manager full read/write/publish permissions to only the New Lights category. Similarly, you can assign non-manager roles with limited permissions to other users so they can access only the content of a specific category.
If you do not specify a category with a role, then the user will inherit the default permissions of the role.
