This picture shows the initial permission settings that come with a new installation. A detailed explanation of each of the items follows:
Allow those in group 'Admins' to access everything at permission level 'Admin'.
Group 'Admins'. This group should have all site administrators in it
Component '.*'. This matches any component
Instance '.*'. This matches any instance
Level 'Admin'. This allows the highest level of access
Stop non-administrators from viewing the Administration entry in the main menu.
Group 'All groups'. This is a special group that includes every user on the site that is a member of a group, and also the unregistered (anonymous) user. Note that this group cannot have users added to it; it automatially picks up all users in the system when it runs. Note that it is a very good idea to ensure that all users are in at least one group on the system
Component 'Menublock::'. This matches anything with the component 'Menublock::', which are all of the blocks with type 'Menu'
Instance 'Main Menu:Administration:'. This will match for a menu block titled 'Main Menu' and a link titled 'Administration'
Level 'None'. This means that no access at all will be allowed; in the case of the menu this just means that the link will not be displayed
Allow normal users to do anything on the system up to comment
Group 'Users'. This group should have all site users in it
Component '.*'. This matches any component
Instance '.*'. This matches any instance
Level 'Comment'. This allows access up to the level of commenting. Any attempts to do things beyond this will be refused.
Stop unregistered users from seeing user-specific items in the main menu.
Group 'Unregistered'. This is a special group that corresponds only to users who are not logged in to the site.
Component 'Menublock::'. This matches anything with the component 'Menublock::', which are all of the blocks with type 'Menu'
Instance 'Main Menu:(My Account|Logout):'. This will match for a menu block titled 'Main Menu' and a link titled 'My Account' or 'Logout'
Level 'None'. This means that no access at all will be allowed; in the case of the menu this just means that the link will not be displayed
Allow unregistered users to do anything on the system up to read
Group 'Unregistered'. This is a special group that corresponds only to users who are not logged in to the site.
Component '.*'. This matches any component
Instance '.*'. This matches any instance
Level 'Read'. This allows access up to the level of commenting. Any attempts to do things beyond this will be refused.
