2022 April Release

Customization Point FSCCONFIG@1.1001:ACLConfiguration Permanent link for this heading

This customization point allows defining tenant-specific ACLs that should be assigned to objects. The ACL is evaluated using the following steps. The first step that returns an ACL defines the used ACL. Step 1 and 4 can be configured by the customization point.
1. Use a tenant specific ACL for an object, if a customization is defined for the corresponding object class (object class hierarchy gets considered). Trigger: COOSYSTEM@1.1001:classdefaultacl
2. Use an ACL that is defined for the object class (ACLs created in a corresponding tenant are preferred).
3. Use an ACL that is defined in the group of the user (Default ACL for New Objects, ACL Objects).
4. Use a tenant specific default ACL for an object if a customization is defined for the corresponding object class (object class hierarchy gets considered). Trigger: COOSYSTEM@1.1001:objaclobj
5. Hard-coded: If the steps before do not return an ACL, finally one of these ACLs is used based on the object class: "Default ACL", "ACL for Administration Objects" or "ACL for Developer Objects".

Example:
customize ACLConfiguration<Folder, classdefaultacl> {
  acl = DefaultGlobalACL;
}

AccessControlList FSCCONFIG@1.1001:ACLConfiguration(
  key ObjectClass cfgobjclass,
  key optional ComponentObject trigger,
  out retval direct AccessControlList acl)

Name

Description

cfgobjclass

applies to objects of the defined object class

trigger

if step 1 should be customized, COOSYSTEM@1.1001:classdefaultacl has to be used; if step 4 should be customized, COOSYSTEM@1.1001:objaclobj has to be used

acl

defines the ACL that should be assigned

Additional Information