====== Screenshot ======
{{technology:zenoss:about:portlet_permissions.png?674×257}}

====== About Portlet Permissions ======
Portlet permissions can be used to set which users can view and interact with particular portlets. More technically, it is a setting to restrict which Zope Access Control List (ACL) may access each portlet.

To enact portlet permissions, you first need to set a user with a specific Zenoss Role, which is located under Settings > Users tab. Zenoss user roles are different from the Zope ACLs. Each Zenoss user role is mapped to the various Zope ACL permissions, which allow one to restrict what portlets a permission level can see. 

In review: giving a user specific portlet permissions is defined in part by Zope ACL permissions, and in part by what role your user is assigned.

===== User Role to ACL Mapping =====
  * ZenUser, ZenOperator        =>  ZenCommon, View permissions
  * ZenManager, Manager         =>  All: ZenCommon, View, Manage DMD permissions
  * No Role, Administered Objs  =>  ZenCommon permission

====== Users Cannot See All Portlets Fix ======
===== Problem =====
One may unknowingly or mistakenly block users from being able to access some portlets. This happens most often when a user has been set to only see particular devices. By default, this user will only get portlets set to the ZenCommon permission level. By default, this blocks 3 of 6 portlets.

===== Fix =====
To fix this, either change the permission levels on the portlets settings tab to be ZenCommon, or change the user role of the user to be higher than No Role.