# Users
A creative.space user is a lot like a user on your own workstation. Just as that user on lets you log in to your workstation and access files, your creative.space user lets you log in to the node and access files.
In the same way that the user on your workstation determines which files you can access and settings you can change on it, your creative.space user determines which spaces you can connect to, which files you can access within a space, and what settings you can change on the node.
in creative.space, a user can have two types of access: file access and management access:
Creative space users can be:
- Added to spaces
- Added to groups
- Given roles that confer management access upon them
# Groups
A creative.space group is somewhat like a creative.space user: both can be added to spaces. However, the similarities end there. A creative space group cannot:
- log into the node
- connect to a space
- receive a role that confers management access upon it
So what can a group do? Why have groups at all?
A group can share the access it has to spaces with all the users you add to it. This makes it easy to give everyone on your team the access they need, no matter how many spaces you create, and how many users you add.
Without groups, you would need to individually add every user to every space they need to access. With groups, all you need to do is add groups to spaces, and then add the users to groups. The users automatically get access to all of the spaces that the groups can access. Even better, if you need to revoke a user's access to several spaces, all you need to do is remove them from the group that can access those spaces. Groups make it easy to manage who can access what.
# Roles
While groups determine who can access spaces, they do not determine who can access the node's management interface. That's the job of roles.
There are five different roles. Each role gives the user more access to the management interface than the previous role:
| Access to Management Interface | Role | |||||
|---|---|---|---|---|---|---|
| User | Team Member | Team Leader | System Monitor | System Admin | ||
| Spaces | Connect to spaces | |||||
| Browse spaces and files | ||||||
| Mount Shares using the creative.space desktop app | ||||||
| Ingest content | ||||||
| Add users and groups to spaces | ||||||
| Change how a space is shared on the network | ||||||
| Make folder templates | ||||||
| Team | View users, groups and roles | |||||
| Add users to groups | ||||||
| Give other users the team leader role. | ||||||
| System | View all system settings | |||||
| Create and delete spaces | ||||||
| Limit how large a space can grow, and how small it can shrink | ||||||
| Tune spaces' advanced settings | ||||||
| Take and delete snapshots of spaces | ||||||
| Change the node's network name | ||||||
| Change the timezone and network time protocol (NTP) server that the node uses. | ||||||
| Shut down or reboot the node | ||||||
| Restart Samba network shares | ||||||
| Start, stop, enable and disable the creative.space remote support service. | ||||||
| Start, stop, enable and disable the file transfer protocol (FTP) access | ||||||
| Configure network adapters | ||||||
| Monitor | View Performance Data | |||||
TIP
Give most of your users either the user or team member role.
users can access any spaces that they've been added to. Team members can access spaces, and also plug external hard drives into the node to ingest their contents.
If a user or team member deletes content from a space, a system administrator can recover it, as long as there is a snapshot of the space.
WARNING
Only give the system admin role to people you trust with your content.
The system admin role has far-reaching privileges compared to other roles. If a user deletes or corrupts files in a space, a system admin can recover those files with a snapshot. However, if a system admin deletes a space entirely, they can never get the content within the space back.