Snipe-IT provides two privileged user account tiers, Admin and Superadmin, and a wide variety of more granular permissions for non-admin/non-superadmin users.

SuperadminCan edit ALL admin settings, create new Groups, Locations, Status Labels, etc, and is NOT constrained by Company scoping when Full Company Support is enabled.
AdminCan NOT access Admin Settings, and IS constrained by Company scoping when Full Company Support is enabled, but can perform all functions (create, edit, delete, etc) for all other aspects of the app.
OtherCan NOT access Admin Settings. All other privileges are granted on a group-level or individual level.

All other permissions, for example, the ability to add or view users, the ability to create, edit, or delete assets, and so on, are assumed at the admin/superadmin level, but must be granted individually to non-admin/non-superadmin users.

In general, it will be easier if you use Permission Groups (Admin > Groups) to manage the permissions of your users in a role-based context.

Users inherit permissions from the permission groups they are in, unless implicitly denied or granted permission on their user account.



When you grant Admin or Superadmin permissions to a user or group, all other more granular permissions are ignored.