Roles & Permissions
Pubvana uses role-based access control to determine what each user can do in the admin panel.
TL;DR
Five roles: Super Admin (full control), Admin (day-to-day management), Editor (all content), Author (own posts only), Subscriber (read premium content). Roles are assigned per-user at Admin → Users → Edit.
Details
Pubvana's permission system is built on CodeIgniter Shield groups. Each role is a named group with a defined set of permissions. There are 16 permissions across six namespaces.
Permissions Reference
| Permission | Description |
|---|---|
admin.access | Log in to and navigate the admin panel |
admin.settings | Access Admin → Settings |
admin.themes | Access Admin → Themes |
admin.widgets | Access Admin → Widgets |
admin.marketplace | Access Admin → Marketplace |
admin.navigation | Access Admin → Navigation |
posts.create | Create new posts |
posts.edit | Edit any post |
posts.edit.own | Edit only posts the user authored |
posts.delete | Delete posts |
posts.publish | Publish or schedule posts |
posts.read.premium | Read premium/paywalled content |
pages.manage | Create, edit, and delete static pages |
comments.moderate | Approve, reject, and delete comments |
media.upload | Upload files to the Media Library |
users.manage | Create, edit, and delete user accounts |
Role Breakdown
Super Admin
Full unrestricted access. Receives wildcard permissions covering all namespaces.
Permissions: admin.*, posts.*, pages.*, comments.*, media.*, users.*
Admin
Day-to-day site management. Can do almost everything except change core system settings, themes, widgets, marketplace, and navigation (those are reserved for Super Admin).
Permissions: admin.access, posts.create, posts.edit, posts.delete, posts.publish, posts.read.premium, pages.manage, comments.moderate, media.upload, users.manage
Editor
Full content management. Can manage all posts and pages, moderate comments, and upload media. Cannot manage users or access system settings.
Permissions: admin.access, posts.create, posts.edit, posts.delete, posts.publish, posts.read.premium, pages.manage, comments.moderate, media.upload
Author
Can create and manage their own posts. Cannot edit other users' posts.
Permissions: admin.access, posts.create, posts.edit.own, posts.publish, posts.read.premium, media.upload
Key distinction: Authors have posts.edit.own — they can only edit posts where they are the listed author. Editors and above have posts.edit — unrestricted editing of any post.
Subscriber
Front-end only role. Can read premium/paywalled content when logged in. Has no admin panel access.
Permissions: posts.read.premium
Assigning Roles
Roles are assigned per-user. Go to Admin → Users, click Edit on a user, and select the desired role from the Role dropdown. The change takes effect immediately.