摘要 |
Architecture that creates a class of role-based scopes that can be declared “exclusive”, which automatically means that no user can access the scope unless the user is granted that exact scope. The exclusive scope excludes an object from the new scopes and existing scopes. In other words, the exclusive scope is a write restriction from a domain scope. The exclusive scope denies user access unless the user is granted the exclusive scope. The exclusive scope can be applied to a group of user objects. The exclusive scope is explicitly assigned to the object to grant access to an exclusive group. Moreover, the exclusive scope is immediately write-protected upon creation.
|