From 77fd612b4c8e7c109916627a939efdd3ced34015 Mon Sep 17 00:00:00 2001
From: JishLong <josh@alstongrove.com>
Date: Tue, 8 Aug 2023 10:49:23 -0400
Subject: [PATCH] 0005941: Enhance User Roles

---
 .../src/asciidoc/configuration.ad              |  1 +
 .../src/asciidoc/configuration/roles.ad        | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+)
 create mode 100644 symmetric-assemble/src/asciidoc/configuration/roles.ad

diff --git a/symmetric-assemble/src/asciidoc/configuration.ad b/symmetric-assemble/src/asciidoc/configuration.ad
index 35334a7d25..d8b1d9ec08 100644
--- a/symmetric-assemble/src/asciidoc/configuration.ad
+++ b/symmetric-assemble/src/asciidoc/configuration.ad
@@ -48,6 +48,7 @@ include::configuration/parameters.ad[]
 
 ifdef::pro[]
 include::configuration/users.ad[]
+include::configuration/roles.ad[]
 include::configuration/sso.ad[]
 include::configuration/license-key.ad[]
 include::configuration/mail-server.ad[]
diff --git a/symmetric-assemble/src/asciidoc/configuration/roles.ad b/symmetric-assemble/src/asciidoc/configuration/roles.ad
new file mode 100644
index 0000000000..de0c7aff25
--- /dev/null
+++ b/symmetric-assemble/src/asciidoc/configuration/roles.ad
@@ -0,0 +1,18 @@
+
+=== Roles
+
+Additional user roles may be set up to facilitate fine-grained control of permissions and user creation.
+
+Role Id:: Unique identifier for a role.
+Role Description:: Description for the role.
+Parent Role Id:: Role Id of this role's parent role. Leaving this blank makes this role non-hierarchical.
+.RoleTypes
+|===
+
+|Non-Hierarchical|Roles that have neither a parent role nor any children roles, setting them apart from any hierarchy. Users with these roles have control over the creation and manipulation of any other users (except for admins) with non-hierarchical roles. The built-in Read and Write roles are both non-hierarchical by default.
+
+|Hierarchical|Roles that have a parent role, children roles, or both, which situates them in a hierarchy. Users with these roles have control over the creation and manipulation of other users with hierarchical roles that are descendent relative to their own.
+
+|Admin|The built in admin role. Users with this role have control over the creation and manipulation of all users, as well as access to any connected databases and  all functionalities of the SymmetricDS web console.
+
+|===            
\ No newline at end of file