Hello
i'm a bit struggling for one use case i have, maybe someone could share its experience on such scenario.
Jobs structure:
Use caseq:
- user1 has read access to all jobs
- user2 has only read access to jobA2
By default, authorizations are inherited from parent ACL. It is very handy to avoid redefining all authorizations for each item level.
However, i am not able to find a way to keep this inherited behavior while granting some authorizations at lower (job) level.
- If i configure user1 authorization at FolderA level, then with inheritance it will have access to everything
- If i configure user2 authorization at jobA2 level, then it cannot access jobA2 because upper-level authorizations are not defined (ie. user2 does not have access to FolderA & SubFolderA)
Is there a way to address those 2 scenarios while still relying on inheritance to ease authorization definitions? If not, does it means i have to redefine at each level all authorizations (ie. no parent ACL inheritance) to achieve that?
What about an implicit "Folder PassThrough" authorization that would be automatically granted to all parents items when authorizing a user to access a lower-level item?
In that case, if i configure user2 authorization at jobA2 level, then it could "PassThrough" FolderA and SubFolderA and eventually get access to jobA2 on the UI.
Not sure if it is clear, anyway any help will be appreciated ;)
BR