This is an old revision of the document!
Administrators mostly have access to the procedures at the top level, i.e. The Whole Stat System, and those in the section User Accounts and Roles.
grantAdminRights(ident uid, ident username) { assume exists /account[uid]/admin; assume exists /account[username]; # implicitly true in OO implementations assume not exists /account[username]/admin; insert /account[username] <admin />; }
revokeAdminRights(ident uid, ident username) { assume exists /account[uid]/admin; assume exists /account[username]/admin; # implies the account exists, which is implicitly true anyway assume size(/account/admin) > 1; # kind of a practical constraint remove /account[username]/admin; }