Icon
|
Meaning
|
---|---|
|
Denial
|
|
Grant
|
|
Conditional grant (a
grant that is constrained by a permission condition). This icon is
applicable to only fine-grained access controls for data (member-level
permissions and row-level permissions).
|
Icon
|
Term
|
Meaning
|
---|---|---|
|
Direct
control: Explicit
|
The direct access control
is set on the current object and specifically assigned to the selected
identity.
|
|
Direct
control: ACT
|
The direct access control
comes from an applied access control template (ACT) whose pattern
specifically assigns the grant or denial to the selected identity.
|
(none)
|
Indirect setting
|
The setting comes from
someone else (a group that has a direct control), somewhere else (a
parent object or the repository ACT), or special status (such as
unrestricted). For the WriteMemberMetadata permission, indirect means
that the setting mirrors the WriteMetadata setting.
|
Icon
|
Meaning
|
---|---|
|
Denial from an explicit
control
|
|
Denial from an applied
ACT
|
|
Denial from an indirect
source (such as a parent group or parent object)
|
|
Grant from an explicit
control
|
|
Grant from an applied
ACT
|
|
Grant from an indirect
source (such as a parent group or parent object)
|
|
Conditional grant from
an explicit control
|
|
Conditional grant from
an indirect source (a parent group)
|