By default, these user properties appear as slots in the UserService:
The Operator config flag for these slots may be enabled (checked) and disabled (unchecked) just as you would configure the permission
level on any other slot. The special scheme that applies only to the UserService component yields the following results:
Operator checked) on the slot, and the role assigned to the user grants read permission (r), the user is allowed read-only access
to the user properties (email, password, etc.) on their own user account (all other users are hidden).Operator checked) on the slot, and the role assigned to the user grants write permissions (rw), the user is allowed both read and
write access to the user properties on their own user account (all other users are hidden). This is the configuration required
to allow a user to change their own password.Operator unchecked) on the slot, and the role assigned to a user grants read permission (rR), the user is allowed read-only access
to all user properties for all available users.Operator unchecked) on the slot, and the role assigned to a user grants write permissions (rwRW), the user is allowed both read and
write access to all properties for all available non-super users. Moreover, they have access to the User Manager, and can add new users and delete selected users. In addition, the Permissions Browser view of the UserService is available to them.To allow each user to change their own password, but not have access to other users’ passwords, you would set the config flag
for the Authenticator slot to the operator permission level (checked; this is the default for this slot), and assign a role to the user that grants operator-level write (rw) permissions.
All non-super user roles should be configured for operator-level write (rw) permissions applied to the category that contains the UserService. (By default, the New Station Wizard assigns the UserService to the Admin named category (category 2), along with the CategoryService.)