The authorization policy defined by Modulo which comes with the system installation may not fully satisfy the needs of some organizations. Thus, for improved flexibility, system administrators can modify the policy, changing the permissions granted by default, although with some restrictions.
For profiles, the permissions suggested by default to any privilege can be changed. In the case of roles, permissions granted by default can be modified as long as there is a relationship between the role and the "object" to which the privilege applies. In some cases, the default permissions granted to roles can be modified, whereas in others they cannot.