How is security applied?

The overall access that some is granted to an object is the combination of all the permissions applied to it.

Permissions of either type can be applied to an object in the following ways:

Default instance security

As an integral part of the class and instance design, objects such as documents, folders, and events are instances of their class. The class includes, among other things, a property containing the default security permissions that will be applied to all instances of the class. This is the simplest method of applying security: the security design sets up the default security that all instances of a class should have, and then all objects based on that class will have the same default security.

Security parent and inheritance

Permissions can also be inherited from a parent object. Inheritance can take place between a class and its subclass, and between a folder and its containable objects (documents, custom objects, and other folders).

Security policies and security templates

Security policies contain security templates which let you automatically apply security to documents, folders, and custom objects. In the case of documents, security templates can be associated with one of the several versioning states that documents pass through (Released, Superseded, In Process, or Reservation). This powerful feature provides efficient application of fine-tuned security across many objects.

Directly applied security

Users who have sufficient permission can edit an object's security by directly adding or removing security principals, or by changing the existing permissions already granted.