Groups are a way for you to control who can do what on your scoop site. By default there are a few groups created for you, which should be fine for the majority of installations. You can also create a default group (by default Users :) which people get shunted into when they create an account.
You access the Groups admin tool through the Groups link in admin tool box. Pretty spiffy, eh? At the top of the page is a pull down box to choose which group to edit, if you're creating a new group, leave it on the ``New Group'' choice. Below that is the Group ID box. Put here a name to remember the group by. It should work fine if it has spaces, but as for the other id boxes (as in section id, box id, etc) it works better with just letters, underscores, dashes and numbers. If you want this group to be the default group that all new accounts get set to, click the Default New User Group checkbox. Write a small description for your own notes in the Group Description textarea if you need to. Nobody will read this except for people with the edit_perms permission so you don't need to worry too much about it being fit for general consumption :-)
Below this is a table of all the possible group permissions, click the checkbox beside the permission to give the group you're editing that permission. Click Save Group when done to save your changes. What follows is a short list of the perms and what they control. Most are very self explanitory.
edit_perms | Appears deprecated. Use with edit_groups to be safe |
show_perms | Deprecated, will be removed shortly. |
edit_user | Controls who can change a users' preferences for them |
edit_special | Permission to edit the Special pages |
edit_boxes | Permission to edit the Boxes |
edit_blocks | Controls who can use the Block admin tool |
edit_vars | Controls who can use the Vars admin tool |
list_polls | If you have this you can get to the Poll List admin tool |
edit_topics | Permission to run the Topic admin tool |
edit_polls | Permission to edit and change polls |
edit_sections | Controls who can use the Sections admin tool |
story_admin | Controls who can use the Story admin tool to edit stories |
story_list | Permission to see the stories in the Story List admin tool |
comment_post | You need this permission to post comments to stories and diaries in scoop |
comment_delete | Permission to delete any comment on the site |
comment_rate | Permission to rate comments, mojo is useless without this permission |
moderate | Controls who can moderate stories in the submission queue |
attach_poll | If you have this permission you can attach polls to stories you submit |
poll_vote | Permission to vote on polls on the site |
poll_post_comments | Permission to post comments to polls on the site. |
poll_read_comments | Permission to read comments posted to polls |
view_polls | Permission to even see the results of polls |
edit_groups | Permission to get to the Group admin tool |
edit_templates | Controls who can associate templates with ops via the template admin tool |
super_mojo | With this permission a person is always a trusted user |
rdf_admin | Permission to edit rdf's through the admin tool for RDF's |
submit_rdf | Gives a link to submit an rdf at the top of the rdf feed box. |
cron_admin | Permission to run the crons through the cron admin tool |
The poll_post_comments, poll_read_comments, and view_polls permissions are there because of an imbalance of how you could control very closely who could do what in each section, so the polls felt left out. Thus now you can control the same way who can access polls as who can access stories.
Some of the above permissions are deprecated, or not used. They have been marked above, and will be removed from the list when they are removed from the source.
None
edit_groups, and possibly edit_perms and show_perms but they appear to be deprecated