Security is provided through the implementation of access control lists for users, defining READ or WRITE permissions to the entities within the system.
To this end there is a Security Diagnostics function, which cross-references the ID of an entity with the login of a user to produces a detailed report of what permissions the user has in relation to that asset.
Users can be assigned to User Groups to provide consistent permissions are granted, or, granted permissions individually to allow adaptation to specific needs.
User Groups are assigned permissions through User group policies. Policies are made of rules, each rule consists of conditions and permissions. Rules and conditions are specified for entities of a specific Entity definition.
Permissions are positive and define what a user is permitted to do and does not define what they are not permitted do.
Can we improve this article ? Provide feedback