These permissions are built-in Hub and regulate access to Hub administration.
Operations with a space
- Create Space (global) — Create new space
- Read Space (per space) — View space properties and content. List space resources. Is required (with Read Role) to read space roles of user/group/service
- Update Space (per space) — Edit space properties and content. Add/remove resources.
- Delete Space (per space) — Delete space
Operations with a role (all global)
- Create Role — Create new role
- Read Role — View the list of roles. View a set of role permissions. Is required (with Read Space) to read space roles of user/group/service
- Update Role — Modify role properties and a set of role permissions
- Delete Role
Operations with a space role (linkage operation between space and role)
- Add Role in Space (per space) — Assign to user/group/service the role in the space.
- Remove Role in Space (per space) — Revoke from user/group/service the role in the space.
Operations with a user (all global)
- Create User — Register new users. Invite new users.
- Read User — View the list of registered user accounts. Read user authorization details. Is required (with Update Group) to modify group membership for the user
- Update User — Edit user name, edit/create/delete user details, ban and merge user accounts.
- Read Self — Same as Read User but only for the logged in user.
- Update Self — Same as Update User but only for the logged in user.
Operations with a user group (user groups are resources of space)
- Create User Group — Create new user groups
- Read User Group — View the list of user groups. View group properties. View subgroups (Read User Group for subgroup is required). View members (Read User is required).
- Update User Group — Modify properties of a user group. Add/remove subgroups (Update User Group for parent and child groups is required). Is required (with Read User) to modify group membership
- Delete User Group
Operations with a service (all global)
- Create Service — Register new service
- Read Service — View the list of services. View properties of a service. View service resources, permissions, default roles
- Update Service — Modify properties of a service. Modify (create/update/delete) service resources, permissions, default roles
- Delete Service — Delete service
Operations with an authentication module (all global)
- Create Auth Module — Create new authentication module
- Read Auth Module — View the list of auth modules. View preoperties of an auth module
- Update Auth Module — Modify properties of an auth module
- Delete Auth Module — Delete auth module
Not entity related permissions (all global)
- JetPass Low-level Administration — Manage low-level administrative actions like integrations with third-party services and database backup
Last modified: 7 May 2015