Granting and revoking user rights
---------------------------------

.. index:: user;user grant
.. index:: user;user revoke
.. index:: user;user list

Once a user has been added, the user needs to be granted access to run
commands. The user's command menu only displays those commands to
which access has been granted.

To grant access to a command use the 'user grant' command as follows:

**user grant <username> <command> [options]**

Only one command can be granted at a time; however, the granted command
can be complex. The more detailed the command, the more fine-grained the
privilege becomes. This is best explained by example.

Running the following command:

**user grant peter app**

Will allow the user peter to execute any command within the 'app' series
of commands. However, access could be restricted further by instead running
a command like:

**user grant peter app list**

With this version peter will see the **app** command on his menu, but its
help will only display 'list' as a sub-command: peter can thus see the
list of apps but cannot perform more potentially risky tasks such as
installing or restarting applications.

This can be expanded to other subsets by simply running additional
grants:

**user grant peter app start**

Would now allow peter both to see the list of applications and to restart
applications that failed; however, he will not be able to do other app
related tasks such as installations. The **grant** command effectively
verifies that the start of a command entered by a user matches one of the
privileges granted to that user, so peter will be able to add options
to any command he has been granted access to.

In order to restrict commands, be sure to determine whether any options
should be allowed and, if not, only grant access to the specific parameters
you wish peter to be able to execute. For example, if peter is your database
administrator you may wish to use:

**user grant peter app start mongodb**

Instead of giving access to all **app start** commands.

Should you wish to revoke a command privilege from a user you can do
this using the following command:

**user revoke <username> <full command>**

The command being revoked must match exactly one of the commands
previously granted to a user. To review the current privileges of a user
use:

**user list <username>**

Which will display the user's entire list of granted commands in full.
You can also just run:

**user list**

Without a username to list all users created on your system and their
privileges.
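The prefix rule that ``user grant``, ``user revoke`` and ``user list`` rely on
is small enough to model in full. The Python below is an added illustration
written for this page, not the tool's own implementation: the class name
``GrantTable``, its methods and the users ``peter`` and ``anna`` are all
assumptions. It shows why a grant of ``app start mongodb`` still accepts
options appended by the user, why a broader grant of ``app start`` accepts
any application name, why a revoke must match an earlier grant exactly, and
how the menu and help can be derived from the same table.

```python
from typing import Dict, List, Optional, Set, Tuple

Tokens = Tuple[str, ...]


class GrantTable:
    """Constructed model of prefix-based command grants (not the tool's own code)."""

    def __init__(self) -> None:
        # user -> list of granted command prefixes, each split into words
        self._grants: Dict[str, List[Tokens]] = {}

    @staticmethod
    def _tokens(command: str) -> Tokens:
        tokens = tuple(command.split())
        if not tokens:
            raise ValueError("a command must contain at least one word")
        return tokens

    def grant(self, user: str, command: str) -> None:
        """user grant <username> <command>: one command prefix per call."""
        tokens = self._tokens(command)
        grants = self._grants.setdefault(user, [])
        if tokens not in grants:
            grants.append(tokens)

    def revoke(self, user: str, command: str) -> None:
        """user revoke <username> <full command>: must match a grant exactly."""
        tokens = self._tokens(command)
        grants = self._grants.get(user, [])
        if tokens not in grants:
            raise KeyError(f"{command!r} is not an exact grant for {user!r}")
        grants.remove(tokens)

    def list_grants(self, user: Optional[str] = None) -> Dict[str, List[str]]:
        """user list [<username>]: granted commands in full, per user."""
        users = [user] if user is not None else sorted(self._grants)
        return {u: [" ".join(g) for g in self._grants.get(u, [])] for u in users}

    def is_allowed(self, user: str, command: str) -> bool:
        """The authorization check: some grant must be a prefix of the command.

        Anything the user appends after a matching prefix (options, further
        parameters) is accepted, which is why a grant should be as specific
        as the intended privilege.
        """
        tokens = self._tokens(command)
        return any(tokens[:len(g)] == g for g in self._grants.get(user, []))

    def menu(self, user: str) -> Set[str]:
        """Top-level commands shown on the user's menu."""
        return {g[0] for g in self._grants.get(user, [])}

    def help_subcommands(self, user: str, prefix: str) -> Optional[Set[str]]:
        """Sub-commands shown in help under a prefix; None means unrestricted."""
        p = self._tokens(prefix)
        if self.is_allowed(user, prefix):
            return None  # a grant covers this prefix, so normal help applies
        return {g[len(p)] for g in self._grants.get(user, [])
                if len(g) > len(p) and g[:len(p)] == p}


def demo() -> GrantTable:
    """Constructed sample data: the grants discussed on this page."""
    table = GrantTable()
    table.grant("peter", "app list")
    table.grant("peter", "app start mongodb")
    table.grant("anna", "app start")  # broader: any application may be started
    return table


if __name__ == "__main__":
    t = demo()
    for cmd in ("app list", "app start mongodb --force",
                "app start redis", "app install redis"):
        print(f"peter: {cmd!r:30} -> {t.is_allowed('peter', cmd)}")
    print("anna may start redis:", t.is_allowed("anna", "app start redis"))
    print("peter's help under 'app':", t.help_subcommands("peter", "app"))
```

Running it shows that ``app start mongodb --force`` is accepted for peter
while ``app start redis`` is not, whereas anna's wider grant accepts any
application name; the help under ``app`` for peter lists only ``list`` and
``start``.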