You can set up Permissions based on groups or individual users. Setting up individual users should be used in very specific cases, and should be avoided in most cases. Stick with Group Permissions where possible as indicated by others.
Think of a Group like a cell phone package. For example:
Talk50 Plan gets you:
- Voice mail with 10 message storage
- Call Display
- Call Waiting
- Free Evenings and Weekends
- Emergency number calling
Safety10 gets you:
- Outgoing calls only
- Emergency number calling
When you buy your cell phone, you pick a rate plan package and activate it. You then get the features that come with that plan.
You can compare that to Group permissions and Group Forum permissions and you create different permission packages of access. Example:
Group Permissions (general usability for user groups):
Registered Users
- Can attach files - Yes
- Can download files - Yes
- Can save drafts - Yes
- etc, etc.
Group Forum Permissions (granting Forum access to User Groups)
My first Forum -> Registered Users
- Can see Forum - Yes
- Can read Forum - Yes
- Can start new topics - Yes
- etc, etc.
My second Forum -> Registered Users
- Can see Forum - Yes
- Can read Forum - Yes
- Can start new topics - No
- etc, etc.
Every Forum or Catagory needs to be told what kind of access the different user groups get. Global Moderators will get Moderator permissions that Registered Users won't get. Administrators will get Permissions that Moderators and Registered Users won't get (although there aren't really any fancy forum permissions for administrators... I'm just giving an example). It's extremely customizable. The toughest part is learning how to find everything.
The nicest part about groups is that you can stack many groups on a single user. For example, a moderator can be part of both the Registered Users group AND the Global Moderators group. The extra permissions for the Moderators will supersede that of the Registered Users group in
almost a Rock, Paper, Scissors format. Yes always beats a No. Never always beats a Yes. No is already a negative, so there's no point in comparing it to a Never.
You could go as far as to create a
downgrading user group to punish users for being bad (instead of banning the trolls, just make life misserable). You could create a User Group called "On Probation" and stick a bunch of Never's in the permissions. When you add them to that group, they loose access to whatever you defined for that group. It's neat.