You can set permissions at the following levels of granularity:
-
Repository-level
controls function as a gateway and as a parent-of-last-resort. Repository-level
controls are managed from the permission pattern of the repository
ACT (
Default ACT). All registered users should
have ReadMetadata and WriteMetadata permissions in the foundation
repository ACT’s permission pattern.
-
Object-level
controls manage access to a specific object such as a report, an information
map, a stored process, a table, a column, a cube, or a folder. You
can define resource-level controls individually (as explicit settings)
or in patterns (by applying access control templates).
-
Fine-grained
controls affect access to subsets of data within a resource. To establish
fine-grained controls, you add constraints called permission conditions
to explicit grants of the Read permission.