Overview of Access Control Lists

Use access control lists to assign criteria-based access to specific objects such as manufacturers and items. With access control lists, you can:

Define and control who has access to your data.
Add granular access conditions for different users.
Easily identify exactly what permissions are assigned to each user.
Build your list of workers dynamically based on specified conditions.

Access can be controlled through teams:

Team: A team comprises a set of roles, users, filtered lists, and one or more permission sets.
Users can be added to the team individually, or by adding them using roles or derived from a filtered list of workers who match certain membership conditions.
For example, workers belonging to the same business unit, location, department, and so on.
Permission Sets: Each permission set contains individual permissions. Each permission identifies the object for which permission is given, the conditions that must be met, the type of access to be granted, and the attribute groups the team can access.

The high level diagram shows how the team membership and the team permission sets collectively form an access control list.

High level diagram that shows how the team membership and the team permission sets collectively form an access control list.

Configuration Summary

Here’s a summary of the configuration tasks for access control lists:

Create team members who should have access to a particular object.
Create permission sets with data access conditions.
Create teams, add roles, users or filtered lists, and apply permission sets.

The diagram shows how the team membership and the team permission sets are derived, and how they collectively form an access control list for manufacturers.