can we explicitly deny access to a role or group?

When it comes to restricting either visibility of events or who can observe a particular group everything seems to be based on including all roles as the default and you then go in and remove access from those roles which you need to restrict. Now I know when it comes to permissionong roles it's different where you explicitly grant access which is good however why not finish it off by also providing the ability to explicitly deny access as well, this would obviously over ride any grant access where there is a conflict.

I'd also really like to see ACLs introduced for groups as well - let me specify which groups can access screens, functions, whatever as well as by role. That way I can augment the role based permissionong with aligning to organisational structures as well...!


Please sign in to leave a comment.