Bug 310400: Explain (Document) how permissions are handled on Bugzilla

docs/xml/customization.xml

@@ -688,7 +688,7 @@
         versions, and you upgrade.
       </para>
     </warning>
-       
+      
     <para>
       Companies often have rules about which employees, or classes of employees,
       are allowed to change certain things in the bug system. For example, 
@@ -697,6 +697,16 @@
       designed to make it easy for you to write your own custom rules to define
       who is allowed to make what sorts of value transition.
     </para>
+
+    <para>
+     By default, assignees, QA owners and users
+     with <emphasis>editbugs</emphasis> privileges can edit all fields of bugs, 
+     except group restrictions (unless they are members of the groups they 
+     are trying to change). Bug reporters also have the ability to edit some 
+     fields, but in a more restrictive manner. Other users, without 
+     <emphasis>editbugs</emphasis> privileges, can not edit 
+     bugs, except to comment and add themselves to the CC list.
+    </para> 
     
     <para>
       For maximum flexibility, customizing this means editing Bugzilla's Perl 

docs/xml/using.xml

@@ -1300,10 +1300,181 @@
     <section id="permissionsettings">
       <title>Permissions</title>
       
-      <para>This is a purely informative page which outlines your current
-      permissions on this installation of Bugzilla - what product groups you
-      are in, and whether you can edit bugs or perform various administration
-      functions.</para>
+      <para>
+      This is a purely informative page which outlines your current
+      permissions on this installation of Bugzilla.
+      </para>
+
+      <para>
+      A complete list of permissions is below. Only users with 
+      <emphasis>editusers</emphasis> privileges can change the permissions 
+      of other users.
+      </para>
+
+      <variablelist>
+        <varlistentry>
+          <term>
+            admin
+          </term>
+          <listitem>
+            <para> 
+             Indicates user is an Administrator.
+            </para>
+          </listitem>
+        </varlistentry>
+
+        <varlistentry>
+          <term>
+            bz_canusewhineatothers
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can configure whine reports for other users.
+            </para>
+          </listitem>
+        </varlistentry>
+    	
+        <varlistentry>
+          <term>
+             bz_canusewhines
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can configure whine reports for self.
+            </para>
+          </listitem>
+        </varlistentry>
+  
+        <varlistentry>
+          <term>
+             bz_canusewhines
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can configure whine reports for self.
+            </para>
+          </listitem>
+        </varlistentry>	 	
+ 
+        <varlistentry>
+          <term>
+             bz_sudoers
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can perform actions as other users.
+            </para>
+          </listitem>
+        </varlistentry>	
+
+        <varlistentry>
+          <term>
+             bz_sudo_protect
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can not be impersonated by other users.
+            </para>
+          </listitem>
+        </varlistentry>
+
+        <varlistentry>
+          <term>
+             canconfirm
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can confirm a bug or mark it a duplicate.
+            </para>
+          </listitem>
+        </varlistentry>
+
+        <varlistentry>
+          <term>
+             creategroups
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can create and destroy groups.
+            </para>
+          </listitem>
+        </varlistentry>
+
+        <varlistentry>
+          <term>
+             editbugs
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can edit all bug fields.
+            </para>
+          </listitem>
+        </varlistentry>
+
+        <varlistentry>
+          <term>
+             editclassifications
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can create, destroy, and edit classifications.
+            </para>
+          </listitem>
+        </varlistentry>
+
+        <varlistentry>
+          <term>
+             editcomponents
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can create, destroy, and edit components.
+            </para>
+          </listitem>
+        </varlistentry>
+ 
+        <varlistentry>
+          <term>
+             editkeywords
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can create, destroy, and edit keywords.
+            </para>
+          </listitem>
+        </varlistentry>
+
+        <varlistentry>
+          <term>
+             editusers
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can edit or disable users.
+            </para>
+          </listitem>
+        </varlistentry>
+	
+        <varlistentry>
+          <term>
+             tweakparams
+          </term>
+          <listitem>
+            <para> 
+             Indicates user can change Parameters.
+            </para>
+          </listitem>
+        </varlistentry>
+
+      </variablelist>
+
+       <note>
+        <para>
+        For more information on how permissions work in Bugzilla (i.e. who can
+        change what), see  <xref linkend="cust-change-permissions"/>. 
+        </para>
+       </note>
+
     </section>
   </section>