================================ Staff / Settings / Authorization ================================ .. index:: authorization, user rights, user roles, user groups, permissions On the authorization page permissions can be managed for a certain user or user group. Use this page to manage both for end-users permissions and staff users permissions. Only users that have **Is staff** flag are allowed to log into the the staff panel, while staff users are not allowed to log into the end-users area (to avoid any confusion). Hence the permission applies for each user's panel: staff user rights for staff panel and end-user rights for end-user panel. .. image:: /_static/images/staff/settings/authorization/settings-authorization-empty.png In order to change permissions, search for a user or group in the autocomplete input field then after you select one, a detailed list will be displayed. .. image:: /_static/images/staff/settings/authorization/permissions-list.png As you can see, permissions are displayed on 2 columns on desktops and 1 column on mobile screens. Each permission category is separated by a headline. .. image:: /_static/images/staff/settings/authorization/permissions-description.png Hovering over a permission will display a tooltip containing the description of that item. You can switch on/off a permission by clicking on the whole row. Effective permissions --------------------- A user has 2 checkboxes for each permission, the first one representing the value that is only assigned to his own permissions set, and the second checkbox, the disabled one, representing the effective permission that the user currently has for that action. .. image:: /_static/images/staff/settings/authorization/permissions-checkboxes.png **Effective permissions** are calculated based on the values of permissions of the user groups that the user is part of, and his own permissions. .. image:: /_static/images/staff/settings/authorization/effective-permission.png If the user is included in any group, a note will be displayed on top of the permissions list that tells about the effective permissions, and lists the groups that the user is part of. .. image:: /_static/images/staff/settings/authorization/user-in-usergroup-note.png Once you finish managing permissions, click the **Save** button from the bottom of the list. Permissions for user groups --------------------------- Everything works the same for user groups, except that they don't have effective permissions, as their permissions cannot be influenced by another permissions set values. Trying to take action without having permission ----------------------------------------------- If a user doesn't have the effective permissions to take a certain action, the related buttons for that action are disabled or an error dialog will be shown like in the following image. .. image:: /_static/images/staff/settings/authorization/permission-error.png Default permissions ------------------- Default permissions for every user or user group can be managed using **Grant all permissions implicitly** setting from see :ref:`general-advanced-settings` tab on **General settings page**.