Administrators have full permissions on the system. They can create/edit content, publish content and manage users. They can also unlock or publish content that is checked out to another user.
Editors can create/edit content and publish content. They cannot unlock content checked out to others, and they cannot invite users to a tome or otherwise manage users.
Contributors can create/edit content, but they cannot publish it. Once they have completed their work, they should unlock the content so that an editor can check and publish it.
On private tomes (paid accounts only), only users of a tome can view its content; the tome is not visible publicly. The read-only user can view private tomes, but cannot create/edit content or make any other changes to the tome.