Permissions Model
SyncTV permissions have platform scope and room scope. Platform roles decide who can administer the instance. Room roles and member overrides decide what a user can do in one room.
Permission Sources
Section titled “Permission Sources”| Source | Scope | Examples |
|---|---|---|
| Global role | Whole instance | root, admin, user |
| Room role | One room | creator, admin, member, guest |
| Member override | One user in one room | Temporary playback control, mute, media restriction |
| Room setting | One room | Guest access, chat enabled, review required |
| User preference | One user | 2FA, notification preference, default Provider |
Management Principles
Section titled “Management Principles”| Situation | Prefer |
|---|---|
| Long-term responsibility change | Change room role or role defaults |
| Temporary exception | Use a member override |
| Restrict everyone from chatting | Change the room chat setting |
| Restrict one member from chatting | Remove that member’s send_chat |
| Grant platform administration | Change the global role |
A platform admin is not automatically a room admin in every room. A room admin cannot manage platform users, Providers, or runtime settings.
Next Steps
Section titled “Next Steps”- Full permission names and evaluation rules: Rooms, Permissions, and Preferences.
- Member management: Room and Member Management.
- Authentication and 2FA: Authentication and Security Model.