Access Control List of {{entity.name}}
Access Control List

There are two types of permissions: class-based and object-based. The class-based permissions can be set here. The object-based permissions can be set by users which have write-access to an object. If a user requests an operation access must be allowed class-based as well as object-based in order to perform the specific operation.

Each permission consists of one allow and one deny list. In the allow list user and roles can be white listed and in the deny list they can be black listed.

The access will be granted based on the following rules:

  • If the user has the admin role, access is always granted and the following rules will be skipped
  • Otherwise:
    • If the user or one of its roles are listed in the deny list, access is always denied
    • If no rules are defined in the allow list, public access is granted
    • If rules are defined the user or one of its roles has to be listed in the allow list in order to get access
ACL documentation