Access control rules can be set for the following categories:
- File Access
- cBase Access
- Model Access
- DiveTab Access
- Audit Rules
The access control interface has a separate sub-tab for each of the categories where you set the rules.
This sample screen shows that you can view a summary of existing rules (1), set access rules per category (2), work with the underlying script (3), and inspect the status of any existing subdirectories (4). Numbers here refer to the numbers on the sample screen. The tab label displays the path to where this access control tab resides. In the example, it is at the project root that is represented by the forward slash (/) with Access for /.
DI recommends you set your access control rules at the root of the project, where the tab name is Access for /, as in the example. All the other directories and any subdirectories default to inherit access control rules from the ancestor, which is most often the project root. You can set access control rules on individual directories, by clearing the Inherit from ancestor check mark for the directory's access control tab.
Each rule category can have multiple access control rule types. For example, for the file access category, there are read and write rules, and for the cBase access category, there are row-based and column-based rules.
All access control rules have two parts:
- Condition—Who does this rule apply to? See Access Control Conditions.
- Effect—What does this rule do? See Access Control Effects.
The effect can be complex, since it is a combination of the rule type and the parameters of the rule.
Effects vary depending on category and the rule types selected. For ease of maintenance, consistency of usage is encouraged within a project.
See also:
- About Access Control
- Access Control Interface
- Access Control Process
- Directory Overview Tab
- Access Control Conditions
- Access Control Effects
- Configuring Access Control
- Properties Overview