GeoHazardWatch implements a role-based access control (RBAC) system that defines what actions users can perform within the GeoHazardWatch . This system provides fine-grained permission control while maintaining simplicity for Administrator.
| Username: | Anonymous |
| Display Name: | Anonymous User |
No roles assigned
No permissions assigned (no roles with permissions)
Roles and the Permissions each Role are defined in Configuration System as Access Control Policies
| Role Name | Display Name | Description | Type | Icon |
|---|---|---|---|---|
admin |
Administrator | Full system access to all features | System | |
anonymous |
Anonymous | Public access without authentication | System | |
contributor |
Contributor | Can create and edit pages | System | |
editor |
Editor | Can create, edit, delete, and rename pages | System | |
member |
Member | Community member — same read access as reader, placeholder for community-specific permissions | System | |
reader |
Reader | Read-only access to content | System | |
user-admin |
User Administrator | Can manage users — create, edit, deactivate, delete | System |
| Category | Actions |
|---|---|
* |
*
|
admin-roles |
admin-roles
|
admin-system |
admin-system
|
asset-delete |
asset-delete
|
asset-read |
asset-read
|
asset-upload |
asset-upload
|
page-create |
page-create
|
page-delete |
page-delete
|
page-edit |
page-edit
|
page-export |
page-export
|
page-read |
page-read
|
page-rename |
page-rename
|
search-page |
search-page
|
search-user |
search-user
|
user-create |
user-create
|
user-delete |
user-delete
|
user-edit |
user-edit
|
user-read |
user-read
|
* *
* admin-roles
* admin-system
* asset-delete
* asset-read
* asset-upload
* page-create
* page-delete
* page-edit
* page-export
* page-read
* page-rename
* search-page
* search-user
* user-create
* user-delete
* user-edit
* user-read
Current User Assignments are available at Security Policy Management (admin permission required)
| Permission | Administrator | User Administrator | Editor | Contributor | Reader | Member | Anonymous |
|---|---|---|---|---|---|---|---|
page-read
View pages |
|||||||
page-edit
Edit pages |
|||||||
page-create
Create new pages |
|||||||
page-delete
Delete pages |
|||||||
page-rename
Rename pages |
|||||||
page-export
Export pages |
|||||||
asset-read
View assets (attachments) |
|||||||
asset-upload
Upload assets |
|||||||
asset-delete
Delete assets |
|||||||
search-page
Search pages |
|||||||
search-user
Search users |
|||||||
user-read
View user list and profiles |
|||||||
user-edit
Edit user accounts |
|||||||
user-create
Create user accounts |
|||||||
user-delete
Delete user accounts |
|||||||
admin-system
System administration |
|||||||
admin-roles
Role management |
Roles work seamlessly with Access Control Lists:
Beyond user roles, the system recognizes these special principals:
See Page Level Access Control Lists for page-level security, User Management for managing users, and System Configuration for system settings.