@OscarG
The UI might be a bit confusing. The Tag-Manager permissions are capabilities, the other options are access rights.
The selector in the overview will always show the access right permission the user has. If you click on the Tag-Manager permissions the user should receive if, but it won’t be shown in the selector.
It is a lot better visible when editing a single user and clicking on permissions…
Feel free to create an issue on github with suggestions how to improve that.
There are two places in the Administration screen to see
Capabilities and Permissions.
Originally, Matomo only had Permissions (also called Roles).
We added Capabilities as an extra Tag Manager thing. It gives you some control so you can extend the power of a lowly Write or View user, giving them various MTM capabilities.
We created this in response to requests to make a feature to selectively allow team members the ability to do dangerous things in Matomo Tag Manager.
One place you can see this is
Matomo interface >> >> System >> Users >> Role
A much better place to see it is in Matomo interface >> >> System >> Users >> [edit / checkbox] >> Permissions.
Notice that there are only gray dropdown menus if there are some lacking “Capabilities” on that tier of Permission.
By the time you get to “Admin” level of permissions, there’s nothing to add: they can already to all three Tag Manager capabilities, so there is no dropdown for adding any capabilites. We see in the screenshot above that
User: Frank Zappa
Role: Admin
Capabilities: Write, Publish live container, Use custom templates