From 2ad9fb80c231000d3de7cc7b4db9a9ff266ecc9d Mon Sep 17 00:00:00 2001
From: xaleeks <51319901+xaleeks@users.noreply.github.com>
Date: Wed, 24 Jul 2019 11:50:50 +0800
Subject: [PATCH] Update user_guide.md

---
 docs/user_guide.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/user_guide.md b/docs/user_guide.md
index a3d3cb889e0d..ff51add084c2 100644
--- a/docs/user_guide.md
+++ b/docs/user_guide.md
@@ -41,6 +41,7 @@ Harbor manages images through projects. Users can be added into one project as a
 
 * **Guest**: Guest has read-only privilege for a specified project.
 * **Developer**: Developer has read and write privileges for a project.
+* **Master**: Master has elevated permissions beyond those of 'Developer' including the ability to kick of scanning of images, viewing replications jobs, and deletion of images and helm charts.  
 * **ProjectAdmin**: When creating a new project, you will be assigned the "ProjectAdmin" role to the project. Besides read-write privileges, the "ProjectAdmin" also has some management privileges, such as adding and removing members, starting a vulnerability scan.
 
 Besides the above three roles, there are two system-wide roles:  
@@ -48,6 +49,9 @@ Besides the above three roles, there are two system-wide roles:
 * **SysAdmin**: "SysAdmin" has the most privileges. In addition to the privileges mentioned above, "SysAdmin" can also list all projects, set an ordinary user as administrator, delete users and set vulnerability scan policy for all images. The public project "library" is also owned by the administrator.  
 * **Anonymous**: When a user is not logged in, the user is considered as an "Anonymous" user. An anonymous user has no access to private projects and has read-only access to public projects.  
 
+See detailed permissions matrix listed here:
+https://github.com/goharbor/harbor/blob/master/docs/permissions.md
+
 ## User account
 Harbor supports different authentication modes: