Currently, there's only is_admin in the userprefs, defining whether or not a user is an administrator.
It would probably be best to assign this permission (and roles in case of #28), on groups, so that revoking someone's permission in the auth backend (IPA for example).
milestone: => Backlog
Metadata Update from @puiterwijk:
- Issue assigned to puiterwijk
- Issue set to the milestone: Backlog
to comment on this ticket.