Content Comparison

...

• Settings - Administrators

But because this allows the administrator to edit all permissions of all administrators, including himself, this permission is in fact above all others and means the highest privileges. Since version 2.1 this is therefore clearly indicated and granting this permission means automatically granting all others.

User management

This permission allows an administrator to manage the users of the application. That means creating new local users, edit existing ones, change their passwords, or delete them. He can also manage API tokens, because the tokens are always bound to a specific user. So the administrator can perform all actions in:

• Settings - Users

• Settings - API tokens

• Settings - Configuration - User settingsUsers

Access to logs

Administrator accounts with this permission have full access to Audit Logs and also to setting a syslog target, where copies of all audit log messages are sent. So such an administrator can:

...

This permission allows administrators to perform complete configuration of the application, with the exception of features and sections defined in the other permissions. So an administrator with this permission can do all actions in:

• Settings - Configuration - Basic settings

• Settings - Configuration - Packages - General

• Settings - Configuration - Packages - Expiration

• Settings - Configuration - Packages - Size limits

• Settings - Configuration - Packages - Access control

• Settings - Configuration - Packages - Approval of sending

• Settings - Configuration - LicensePackages - Limit number of accesses

• Settings - Configuration - Security - General

• Settings - Configuration - Data integritySecurity - Password rules

• Settings - Configuration - Security - Package size limitsLimits

• Settings - Configuration - Package workflowData integrity

• Settings - Configuration - E-Mail

• Settings - Configuration - Notifications

• Settings - Configuration - Appearance

• Settings - Configuration - License

• Settings - Configuration - Diagnostics

• Settings - Templates

• Settings - Domains

• Settings - Datastores

• Settings - Detection settings

• Settings - Active Directory

• Settings - ADFS

...

As a prerequisite this permission requires the permission “application settings“ above. It allows the administrator to access and modify the settings related to encryption, located in section:

• Settings - Configuration - Data encryption

Access to list of packages and it's metadata

...

As a prerequisite this permission requires the permission “access to list of packages and it's metadata” described above. It further allows the administrator to perform all package actions (like release from quarantine, delete, restore deleted, etc.) except de/encryption.

Encrypt / decrypt package

As a prerequisite this permission requires the permission “Package management” described above. It further allows the administrator to perform decryption or encryption of selected packages at will.