Mayan EDMS uses a role based permission system (https://en.wikipedia.org/wiki/Role-based_access_control) that provides a mechanism to control access to the contained documents and system functions.
The role access control system is divided into two main groups:
Permissions: Permission grants to roles for the entire system.
Access control lists: ACLs (access control lists). These are permission granted to a role for a specific object or group of objects.