An access control list (ACL) is a set of security rules defined on a document. Within Hyland Experience, ACLs are inherited throughout the hierarchy of the repository.
When a user attempts to perform an action on a document that requires ACL permissions to be applied, the permission check on the action requires a match between the following sets of data:
- The user attempting the action, the user group to which the user belongs, and the specified permission for the action.
- The effective ACL (accounting for inheritance) on the document.
An ACL permission can be granted to users who belong to user groups with the appropriate access. For example, if a Reviewers user group has the Write permission, any user belonging to the Reviewers group is granted that permission.
Similarly, an ACL permission can be granted to users who have access to a permission group containing the individual permission. For example, if the user Bob has access to the Read permission group, and this group contains five different permissions, Bob is granted access to all five permissions in the group.