Setting Group Access Rights
Access rights are set on the basis of group/administrator pairs. By default, any group that has been associated with an administrator account has full access rights enabled. Use the pmx-group command to enable or disable permissions. These permissions correspond with tabs and options in the Groups Web Interface. Most permissions are enabled/disabled by specifying "on" or "off" with the --value option of the command described below. The exceptions are the list options, which have "off", "read" and "write" as potential values. If you want to grant both read and write permissions to a group administrator, set --value to "write"
You can enable/disable specific options or entire sets of options (tabs). For example, it you do not want an administrator to have access to any reports, you can exclude the Reports tab from this administrator's GUI. To do this, specify "reports" for --permission and "off" for --value in the command described below. To disable an individual report, you could run a similar command that refers to a specific report (for example, "reports.topreleasers").
To set group access rights:
pmx-group --set-perm --group <GroupName> --user <Username> --permission <PermissionName> --value <ValueName>
where GroupName and Username are the previously assigned names; PermissionName is the full permission name (as shown when pmx-group is run with the --view-perm option); and ValueName is the permission setting (usually "on" or "off").
The permission is enabled or disabled for the specified user.