Permissions

🚧

Special Groups

There are two special groups within OptiPub: "General" and "Administrators." A user is automatically added to the "General" group when their account is created.

The "Administrators" group will have access to all permissions regardless of their assigned permissions.

Permissions are all organized under "Access Rules." An access rule is simply an API method. An access rule can be applied to a group or user. All permissions are assigned to a user or group. Consider the following:

{
      "id": 3,
      "controller": "Angel\\Http\\Controllers\\Backend\\Core\\Tasks\\TasksAPIController",
      "action": "index",
      "deleted_at": null,
      "created_at": "2018-10-01 18:12:08",
      "updated_at": "2018-10-01 18:12:08"
    },

This access rule gives access to the Tasks API Controller index method, allowing a user to query and list all running tasks.

❗️

Access

It is important to understand the permission system if you decide to grant permissions outside of the default roles. Failure to apply permissions correctly may result in some actions becoming unavailable within the OptiPub interface.

We highly recommend that you use groups when managing your permissions in order to reduce the risk of giving a user too many permissions.