Object Authorization
Use
This authorization specifies what a specific authorization type, for example a user or a user group, is allowed to do for a specific object, that is administer, edit, or read a specific object (for example, a document). Object authorization is defined by the default authorization of the object type or by the status profile assigned to the object type. You can also set authorization for an object manually or the object authorization is inherited in the hierarchy.
You can track explicitly set object authorizations that a user or a user group has in a folder from the object overview by filtering by user or user group and choosing the
New Selection
pushbutton.
Caution
Note that the actual authorizations that a user or user group has for an object may differ from the authorization explicitly set if there are
authorization rules
that override explicit authorizations. For example, the user A has write authorization for a document. User A is in user group 1, and user group 1 only has read authorization for the object. However, as user authorization overrides user group authorization, user A still has write authorization. Furthermore, the document is assigned to a status profile that determines that no user has write authorization when the status of the document is
In Review
. As authorization set by a status profile overrides all other authorization for an object, user A cannot change the document when it has the status
In Review
.
For more information about object authorizations in status profiles, see Object Authorizations per Status .
You can also protect objects and object versions.