I want to better understand how permissions work in Studio Sessions. I have asked BB and was basically told to attend a 101 seminar at the end of November and read the product help screens. Really? So, I want to state what I think I already know and ask for clarification from the community. It feels like the documentation contradicts itself. Maybe I’m making this a harder logic problem than it really is.
Session permissions control 6 categories of things invitees can/cannot do. The Allow/Deny status of “Attendees” set the general default starting condition for all invitees. Invitees can include groups of users. Groups define their own Allow/Deny values for those 6 categories. The addition of a group as an invitee overlays its 6 values over the general defaults resulting in updated permissions. It’s an additive process. If a user is a member of multiple invited groups, then the ultimate permissions are the lowest aggregate of them all. I could have “Deny” permission in the Save As category as determined by the default Attendees group, then be given “Allow” to “Save As” because I belong to the invited group of “Managers” but then be set back to “Deny” because I am a part of the invited MBUsers group who does not have that permission. My resulting permission is the lowest aggregate of the two groups to which I belong. So, there is a set of starting permissions. The first group to which I belong sets the starting overwrites. The moment a group to which I belong denies a permission then I am locked out of that within this Session.
I am just trying to get my head around best practices for permission management. I appreciate any feedback.