Access Control

Conceptually, there are groups, users, permissions, and pages that determine what a user is supposed to see.

  • A group can contain users. If a user belongs to a group, the user permission is overridden by group's permissions.
  • A group can be granted permissions
  • A user can be granted permissions
  • A permission is a collection of pages which users are allowed to see

These configurations are stored in acces_ tables, see Kwok Schema for details.