- Users are assigned to one or more identities, representing the Projects within the business.
- Generally, access to an object using the OOTB permissions object is an OR scenario. Once a user has been granted access to an action or object, then further checks are not required.
- IP license agreements are entered into by the organisation. These agreements control who can see the contents of the agreement and documents whose access is covered by the IP license.
- Each user in the system is accessible, similar to the Program Management use of users to receive assignments.
- An 'IP License Agreement' object are created. This object may have files checked into it.
- A relationship is defined between the 'IP License Agreement' and the users that can read documents described by the 'IP License Agreement'
- A User can be related to multiple 'IP License Agreement' objects.
- A Document can be related to multiple 'IP License Agreement' objects.
- All Users in a Project can see that a document exists - the document's filename, format, size etc
- If a Document does not have any relationships to an 'IP License Agreement' object, then the OOTB ARAS permissions of Can Discover and Get apply.
- If a Document has a relationship a 'IP License Agreement' object, then
- if the User is not related to the 'IP License Agreement' object', then the user can only see that the Document exists. The User cannot download the Word or PDF or Excel file attached to the Document object.
- if the User is related to the 'IP License Agreement' object, then the user can download the Word or PDF or Excel file attached to the document.
- Is the user permitted to Get and Can Discover through the identity/permission access?
- Is there a related 'IP License Agreement' that should be evaluated to determine the ability to Download the file?