Access control configures what is exposed to each user in the feature sets and actions menus of objects, and what objects are returned from any search or relationship expansion. The user roles consist of sets of access groups that grant access to commands and relationship expansions grouped together by functional operation. The filtering of data items returned to the user is governed by security rules defining which access groups can see what data items based under different conditions.
-
Existing security rules can be modified. For example, to filter documents based on a new custom property.
-
Method, entry point, and relationship access can be removed or modified. For example, to remove a search option.
-
Access groups should not be removed from existing roles.
-
New custom access groups can be added to existing roles. For example, to expose new data structure management.
What do you want to do?