Object permissions

Object permissions is a list of entities that a specific user has access to and a list of entities that a user doesn’t have access to. Not to be confused with Permissions.

When a user tries to access an entity the algorithm first checks if this user has explicit permissions to access this entity. If so, the request will be fulfilled. Otherwise, the algorithm checks if a user has implicit access to the entity by checking entity’s parents. If there was a path to the parent that the user is allowed to access, the request will also be fulfilled. Otherwise, the system will deny access to the object.