Administration Guide › Set Up Access Controls › Access Levels › Example: Access Levels with Multiple Rules

Example: Access Levels with Multiple Rules

Assume that access controls are set on, and that an item has the following access control rules (and that no other rules are set):

• Administrative user access level: modify permission only is specified

  This means that administrative users can perform modify operations. (This implicitly means that they can also perform read permissions.)

• Protected item access level: all permissions are specified

  This means all operations are denied.

• Registered user access level: modify permission only is specified

  This means that registered users can perform modify operations. (This implicitly means that they can also perform read permissions.)

For that item, within the scope of those rules, and for the users specified in those rules:

• The item is invisible to public users.

  No access rule is specified, so public users have no access.

• The item is invisible to registered users.

  The registered users access level rule allows registered users to read and modify this item, but because the protected items access rule is a higher precedence, the DSA uses that rule (which is a denial) and ignores the registered users rule.

• Administrative users can modify and read the item.

  The administrative users access level rule allows read and modify operations, and this rule has a higher precedence than the protected items rule.

• Since there is no super user access rule, there are no super users.