Admin groups aren’t one-size-fits-all. Responsible site administrators can ensure that changes to their site are well-moderated by giving other admin groups only as much access to the site as they need. In Composer, the following permission levels can be assigned on a global, branch, or page level, as explained in the article Setting Composer admin permissions.
Note: Child pages cannot be set to a more restrictive permission level than their parent pages. For instance, if a parent page's permission level is set to "View, Edit and Publish," then its child pages must be set at that level or higher; child pages could not be set to "View" or "View and Edit."
The exception to this rule is the "Not Allowed" setting, which can always be used to prevent members of a specific admin group from editing a given page.
If "Not Allowed" is selected for an admin group, the component won't be visible on the main Composer menu. Users in this level are not allowed to see the configuration of a page; however, they can still see the public-facing page itself (unless it is access-controlled). This setting can be useful to hide sensitive information like portal configurations from those with Composer access.
Users in a group with "View" settings for a component will be able to view it, but they won’t see the Compose toggle and hover menus. Users with this level can only see the page, preview it on mobile or desktop views, and see the publication status.
View & Edit
"View & Edit" allows users to make changes, but not to publish those changes. This allows site admins to create an editor/publisher workflow in order to approve website changes. Users with this level can create new pages, banners, and themes. They can also move pages within the site tree. View & Edit users can also change/remove the page's theme and roll back the page to the last published version. With this level and above, users are able to see the page history and the edits made to the page.
View, Edit & Publish
Just as the name implies, this level has all of the same permissions as above, with the inclusion of the ability to publish. For users with "View, Edit & Publish" settings, only deleting is not an option. In addition, users can create new shared elements at this level.
View, Edit, Publish & Delete
This setting includes the "delete" option, in addition to all other features of the other levels.
In addition to viewing, editing, publishing, and deleting, "Admin"-level users will be able to see and make changes to the Permissions tab on the main Composer menu and on page and banner settings. They cannot change permissions for their own group. This level also grants the ability to move pages from branch to branch.
Permissions for PagePops work differently than those for Composer pages. See the Knowledge Base article PagePop Permissions for details about how PagePop permissions interact with Composer page permissions.