Users can be allowed to perform various actions on the site via permissions.
Many permissions refer to a particular resource, for example a file. Permission group will typically have four separate permissions. View, create, update and delete.
Lets take file as an example:
View - Would allow user to preview file contents on the site.
Create - Would allow user to upload files on the site.
Update - Would allow user to modify uploaded files.
Delete - Would allow user to delete uploaded files.
User does not need view, update or delete permission to view or modify their own resources (files in this example) only resources that do not belong to them.
Roles can be attached to multiple users. They can be created from admin -> roles page.
Users will inherit all permissions from all roles they belong to.
Roles also have two special types:
Default - Roles marked as default will be automatically attached to all newly registered users.
Guests - Roles marked as guests will be automatically attached to all non-logged in users.
Users can be given permissions in three ways:
Directly to the user from admin -> users page. Either when creating a new user or editing existing one.
By giving permission to a role from admin -> roles page. Users belonging to this role will inherit role's permissions.
By giving permissions to a subscription plan from admin -> plans page. Users subscribed to this plan will have permissions attached to the plan.
