Skip to main content

Set Up and Manage Access Rules

How to define new access rules and update existing ones

Alexandre GASQUET avatar
Written by Alexandre GASQUET
Updated over a month ago

📑 Principle and How It Works

Access rules control what actions users can perform on Aletiq objects.
They work in addition to restrictions based on:

  • User roles

  • The access scope of objects in the application

💡 For more information: Introduction to Permissions and Restrictions on Aletiq Objects

Access rules define permissions across 4 levels:

  1. Visualize without downloads: the document can be viewed in the application but cannot be downloaded to the user’s machine

  2. Visualize: the document can be opened in the browser and downloaded, but not modified

  3. Modify: the document can be opened and modified, but draft revisions cannot be validated

  4. Full access: all permissions granted

Each rule has the same structure:

  • A user group, defined by filters based on user properties

  • Receives a level of access

  • Over a group of objects, defined by filters based on object properties

⚠️ Access rules are permissive only: they grant rights, but cannot be used to restrict or block actions.

🆕 Create a New Access Rule

To define a new access rule:

  1. Go to the Access Rules tab in the Administration panel

  2. Select the object type the rule will apply to

  3. Click New rule, then fill out the required fields

🔦 You can define groups of users or objects by combining multiple property filters.

You can also select All users or All objects to create generic access rules.

💡 The user and object properties used to define access groups must be set up in advance under the dedicated section.
👉 For more information: Create and Manage Object Properties

🛠️ Edit an Access Rule

To edit an existing rule:

  1. Go to the Access Rules tab in the Administration panel

  2. Choose the object type the rule applies to

  3. Hover over the rule you want to edit and click the pencil icon

  4. Update the necessary fields

Did this answer your question?