ACE source: Default, Direct, Inherited, Template
Every ACE has a source, either Default, Direct, Inherited, or Template.
You can view the source types of ACEs in the Administration Console for Content Platform Engine security editor.
- Default
- Permissions are placed on an object by the Default Instance Security ACL of its class, as well as permissions placed on a subclass by its parent class. Default ACEs are directly editable; if you do, its source type becomes Direct.
- Direct
- Permissions are added directly to an object. Direct ACEs are directly editable.
- Inherited
- Permissions are placed on the object by a security parent or by setting up a relationship with an object-valued property whose Security Proxy Type has been set to Inherited. Inherited ACEs are not directly editable. See Understanding security inheritance and Configure security inheritance for information.
- Template
- Permissions are placed on the object by a security policy. Template ACEs are not directly editable and do not appear on classes. Rather, a document, folder, or custom object class can have a default Security policy which will pass template ACEs to the instances of the class, if all the conditions for the template apply. (See Security policies.)