(zettel (meta (back "00001006020000 00001010000000 00001012921200") (backward "00001006020000 00001006020400 00001010000000 00001010040200 00001012921200") (box-number "1") (created "20210126175322") (forward "00001006020400 00001010040200 00001010070200") (modified "20220214175212") (published "20220214175212") (role "manual") (syntax "zmk") (tags "#authorization #configuration #manual #security #zettelstore") (title "User roles")) (rights 4) (encoding "") (content "Every user is associated with some basic privileges.\nThese are specified in the [[user zettel|00001010040200]] with the key ''user-role''.\nThe following values are supported:\n\n; [!reader|\"\"reader\"\"]\n: The user is allowed to read zettel.\n  This is the default value for any user except the owner of the Zettelstore.\n; [!writer|\"\"writer\"\"]\n: The user is allowed to create new zettel and to change existing zettel.\n; [!creator|\"\"creator\"\"]\n: The user is only allowed to create new zettel.\n  It is also allowed to change its own user zettel.\n\nThere are two other user roles, implicitly defined:\n\n; The anonymous user\n: This role is assigned to any user that is not authenticated.\n  Can only read zettel with visibility [[public|00001010070200]], but cannot change them.\n; The owner\n: The user that is configured to be the owner of the Zettelstore.\n  Does not need to specify a user role in its user zettel.\n  Is not restricted in the use of Zettelstore, except when a zettel is marked as [[read-only|00001006020400]]."))