Access control list

By default, the Administrators group has full control access to Settings and Job clear down, Device Users group has full control access to Devices, and the Designers group has full control access to the following areas: Designer, Process, Business rule, Work type, Resource, Persona, Capture design, Lock status search, and Quick Apps.

If you deny permission to any group a user belongs to, the user is denied access. This is true even if the user is given the permission in a different group. If the user belongs to more than one group, it is the lowest access permission that is used. For example, if you have full access from one group that you are a member of, and read-only access from another, then you can only read, not write.

Direct user privileges override group privileges. This means, if the user has explicit access permissions, that is used. For example, if an individual has "Full control " and the Everyone group has only "Read" access permissions, the individual will have full control to create and modify items.