Assigned and inherited Access Control examples
A record or Workflow can have their own assigned Access Control setting and Access Control settings inherited from their Classification, Record Type, container, the container's Record Type and from the container's Classification.
Content Manager checks all Access Control settings using the Boolean AND, which means that a user has to be on every individual assigned and inherited list of Locations against an Access Control to ultimately have access to functions related to that Access Control.
The table below shows some scenarios.
Yes means that the user is on the respective Access Control list and the column Has Access shows whether the user ultimately has access to the record.
| User | Container Access Control list | Container Classification Access Control list | Container Record Type Access Control list | Classification Access Control list | Record Type Access Control list | Has access |
|---|---|---|---|---|---|---|
| A | Yes | Yes | Yes | Yes | No | No |
| B | Yes | Yes | Yes | No | Yes | No |
| C | Yes | Yes | No | Yes | Yes | No |
| D | Yes | No | Yes | Yes | Yes | No |
This example shows that up to five inherited Access Control lists can take effect on a record in a container.
NOTE: Access Control inherited by the container is also inherited by the records that have their Access Control set to be inherited from the container.