With the latest release of v3.0, Tailor blueprints automatically include permissions to manage their content. As a result of this work, the general permission structure has also been improved.
See the Permissions documentation for more details:
Nested Permissions
Permission codes support a nested structure to provide a cleaner interface when selecting permissions. To nest a permission code the “dot” value must be a direct descendant of its parent and unlimited nesting is supported.
In the following example, the manage_entries permission must be granted for the manage_entries.create and manage_entries.publish codes to become available. Visually it is represented like this:
├── manage_entries
| ├── manage_entries.create
| └── manage_entries.publish
└── delete_entries
Role Hierarchy
Each role is assigned a ranked position in the backend panel, represented as the sort_order column in the database. This allows a basic organisational structure to be established where users can only manage roles lower than their own role.
In the following example, the Senior Editor can manage all the users, outranking Staff Writer and Fact Checker roles. Whereas, the Fact Checker role cannot see users or manage permissions above them, in the Staff Writer and Senior Editor roles.
- Senior Editor
- Staff Writer
- Fact Checker
If the Manage Admins → Manage Roles permission is granted, users can manage their own users, permissions and roles existing below their current role.