These permissions are actually a Django concept. We use them for some
"special" users, but really what they're about is access to the admin UI.
With the exception of the permissions documented in our online documentation
(see the post-review documentation on "Automating post-review"), these are
essentially useless for most sites and are ignored.
There's no mechanism today for disallowing certain actions per-user. That's
planned for a future release.
Christian Hammond - chip...@chipx86.com
Review Board - http://www.reviewboard.org
VMware, Inc. - http://www.vmware.com
On Tue, Dec 15, 2009 at 7:38 PM, JohnHenry <qhlonl...@163.com> wrote:
> Hi, all.
> In my understanding, There are two kinds of Permission control on
> ReviewBoard, One is to ReviewRequests and the Other is for Database.
> But all premissions are named as "Can ...', Such as "Can add profile "
> and "Can change profile"; There is no "Can't " then how to forbide
> user operation? May be default permission is "Can not"? But when a
> user is registed, And as Administrator, I did not give him any
> permission, Why the user can add NewReview request and add comments
> ( That is equal to say he has permission on some Database
> automatically ), So I don't think all permissions are defaultly "Can
> not" now. Can any body give me some guidance? We are needing more
> powerful permission control on ReviewBoard now. So I wan't to
> understand RB permission control more.
> Best Regards!
> Want to help the Review Board project? Donate today at
> Happy user? Let us know at http://www.reviewboard.org/users/
> To unsubscribe from this group, send email to
> For more options, visit this group at
Want to help the Review Board project? Donate today at
Happy user? Let us know at http://www.reviewboard.org/users/
To unsubscribe from this group, send email to
For more options, visit this group at