Movable Type has a granular permission system which allows administrators to finely control what each user is allowed to do within the system. This is accomplished through a combination of fine-grained privileges, roles and permissions.
Privileges. Privileges are particular capabilities within the system like the ability to "create entries."
Roles. A role is a group of privileges which can be assigned together to a user on a particular blog.
Permissions. A permission is the combination of a user with a role and a blog. It is only by creating permissions that users gain blog-level capabilities. System-level permissions are granted singly and are not related to a blog.
Creation of user accounts and user roles is a role reserved for System Administrators. Every user of the system must have a user account in order to access Movable Type. Creating, deleting and editing individual users can be done through the Manage Users feature in the System Overview area of Movable Type.
Learn more about...
Granting and Revoking Permissions