TUTOS has a set of permissions for every object you use in the system. Internally this is called a ACL (AccessControlList).
There are four different types of permissions.
- See. You may see the object
- Use. You can use the object. For example attach a note to the object.
- Modify. You are allowed to change the contents of the object.
- Delete. Yo can delete the object.
Higher permissions include all the lower permissions. Someone who has a delete permission is allowed to change the permissions and provide new rights to other users and teams.
The list of possible permission owners will only present:
- users and teams that already have rights
- their own teams and their members
- users and teams where you have the "use" permission
New objects are created with some default permissions. The default permissions depend on the configuration parameter $tutos[defaultacl]
0 = everybody can see it 1 = all teams of the creator can see it 2 = no default-acl, defaultgroups from db (set in user_new dialog)
Starting with TUTOS 1.7 you will also be able to set feature permissions for every object. As an example you can disable the possibility to add notes to an specific project for a group of users. To do so you can select the feature on top of each permission screen.