Vanguard comes with advanced roles and permissions mechanism which allows you to easily manage your available roles and permissions via Web UI. The system is created to allow users to have only one role, and to allow different permissions for each role.
On roles section of the website administrators (or other users with appropriate permissions) can see and manage available system roles, as well as add an unlimited number of new roles. Page with default system roles (Admin and User) is provided below.
As it was already mentioned, users with appropriate permissions can add an unlimited number of roles, and use them to customize the application. More on that can be found in working with permissions section.
Form for adding a new role, and editing existing roles, is provided below.
Every role has a name, that is used as a key inside the source code of the application. The display name is used inside the UI to better explain who is this role referring to.
Permissions represent some concrete actions that specific role can perform. For example, one of the default permissions is
users.manage, and every user with a role which has this permission can manage system users.
This means that, for example, you can create new system role called
Manager, and allow managers to only edit system users, without them being able to update system settings etc.
Note! Default system permissions cannot be deleted from UI. Custom created permissions can be deleted without any problem.
List of available permissions, including available system roles and their permissions, is provided below.
If we want, for example, to allow system users with role
User to be able to View System Activity Log, all we have to do is to check the corresponding checkbox for that role, and click Save Permissions button at the bottom of the page. After that, all users will be able to see Activity Log in sidebar menu as well as to access the activity log for all system users.
Vanguard supports the unlimited number of permissions, and they can be added via the form provided below.
Permission name is used as key/constant inside the source code to check if the user has permissions to perform some action (more on that inside custom registration form example), and display name is used inside the UI, to better explain what the permission is used for.