The Security tab on the category edit modal is used to control both the visibility of categories and what users can do in a category. This is done by defining category permissions that associate a group name with an access level. The default permission for a new category is that the group everyone can Create/Reply/See. This means that all users on your forum, including anonymous users, have access to the category. You can change this state by adding or removing permissions.
Adding permissions
To add a permission, click the Edit Permission button. This will open two dropdown fields. The first field is used to select the group to add the permission for, the second field is to select the permission level.
On a new forum, the group dropdown will have the everyone, admins, staff, and moderators groups, as well as a group for each of the four Discourse trust levels. If you have added a custom group to your forum, that group will appear in the group dropdown menu.
The permission level dropdown lets you select between three levels of access: Create/Reply/See, Reply/See, and See. Create is the permission to create a topic in the category. Reply is the permission to post in a topic. See is the permission to see the category’s content. Combining groups with permission levels gives you control over what users can do in a category.
Removing permissions
To remove a permission, click the Edit Permissions button. A blue ‘x’ button will appear next to the existing permissions for the category. Click the ‘x’ to remove the permission.
Category visibility
If a group cannot See a category, that category will not appear in the user interface for its members. Members of groups who have access to a category that can’t be seen by everyone will see a padlock icon next to the category’s badge.
A group that can See a category, but can’t Create or Reply will have the category badge and content displayed normally in their user interface. On the category’s page, the New Topic button will be greyed out and disabled for them. The category will also not be available for them in the composer’s category dropdown menu. Users who can only See a category can still receive notifications for the category and have the category’s content included in their digest email.
Permissions for Admins and Moderators
Admins are always able to Create/Reply/See in a category. Moderators do not have default access to a category - for moderators to access a category they must be included in a permission rule. Moderators are in the staff and moderators groups, they can also gain access to a category by being a member of a custom group.
The difference between the everyone group and Trust Level 0
The everyone group is made up of all users, including anonymous users. The Trust Level 0 group is all users who have created an account and are logged into your forum. You can disallow anonymous access to a category by setting the group to trust_level_0 instead of everyone.
Examples:
Limiting access to a category to members of a custom group
Allowing all users to see a category, but only group members to create content
Allowing all users to reply in a category, but only group members to create topics
Allowing all users except anonymous users to access a category