4.9 Access Control

4.9.1 Introduction

This section explains Daisy's document access control functionality. Access control concerns the authorization of document operations such as read and write.

While we usually talk about documents, technically the access control happens on the document variant level: a user is granted or denied access to a certain document variant.

In many systems, access to a document is configured by an access control list (ACL) associated with that document. An ACL consists of rules which define who (a user or role/group) can perform or not perform some operation.

For Daisy, it was considered to be too laborious to manage ACLs for each individual document. Therefore, there is one global ACL, where you can select sets of documents based on an expression and define the access control rules that apply to these documents.