docs: clarify how permissions are additive

Bug #1986829 reported by Galen Charlton
22
This bug affects 5 people
Affects Status Importance Assigned to Milestone
Evergreen
Confirmed
Wishlist
Susan Morrison

Bug Description

Two subtle point that should be documented, perhaps in admin/permissions, are:

- If a user has a permission at more than one depth (because they have per-user permissions or are in secondary permissions groups), the depth that gives them the broadest access wins
- There is no way to override a permissions grant. I.e., if a permission is assigned via the user's profile, it cannot be revoked or restricted at the per-user level or via a secondary permissions group.

Evergreen master

Galen Charlton (gmc)
tags: added: documentation
Changed in evergreen:
status: New → Confirmed
importance: Undecided → Wishlist
Changed in evergreen:
assignee: nobody → Susan Morrison (smorrison425)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.