Access Permissions
Almost every feature of Projectfork requires the proper permissions before it can be used. These permissions are assigned to every user through groups and access levels. There are two different types of groups and access levels:

Global groups and access levels

Depending on the users account type in Joomla, that user will automatically be assigned to the corresponding global group and access level. For example: A registered user in Joomla will be in the global group "Registered group" and will also have the access level "Registered user" in Projectfork. Permissions gained from a global type are always active, regardless of which project is currently selected as workspace.  It is not possible to create new global groups or global access levels and you can't assign users manually to these types because it's all automated, depending on the users joomla account.

Project groups and access levels

Unlike the global type, project groups and project access levels are only active for a specific project. Furthermore, you can assign users manually and create as many groups and access levels as you like for each project. Permissions gained from these groups and access levels do not overwrite permissions gained from global groups or access levels. Instead, they supplement each other.

projectfork_permissions

Permission factors - Group permission, Score, Flag, Special access

Being in a group and having an access level is only half the deal. The thing of importance is what permission values they contain. But before we get to that, let's start with the factors themselves. Before a permission is "true" or granted to a user,  certain requirements must be met:

Group permission
Group permission simply means whether a permission is ticked or not in the group settings. All users that are in this group will have access to the selected features, provided all other requirements are met as well.

group_permission



Score
Score is a number that needs to be equal or higher than the permissions demands. This score is part of the access level. Here an example: Let's assume we have a registered user. So he will have the access level "Registered user" which gives him a score of "1". If this user wanted to delete a project, he would need a Score of at least "999".

score



Flag
There are 2 types of flags: "System Administrator" and "Project Administrator". Both are part of the access level just like the score. These flags are used to identify users who may have special access to certain features. For example, in order to access the Projectfork config, a user must be flagged as "System Administrator". Everyone else won't be able to access it. Users that have created a project will automatically be flagged as "Project Administrator" for their project.

Special access
Special access defines the special circumstances under which a user can access a feature. Possible circumstances are:
  • Nothing
  • Public - Everyone can access the feature, even when not logged in
  • Must be logged in - The user must be logged in before he ca access the feature
  • Must be in workspace - The user must have a workspace selected before he can access the feature
  • Must be the author - The user must be the creator/author of the item in order to access a feature related to the item

Summary

This may all be complicated at first, but for the beginning just remember this: Groups and access levels are containers of the different permission factors. Groups contain the "group permission" factor and access levels contain the "Score" and "Flag" factors. Based on these factors, the system will determine which features are user can access.

projectfork_permissions2