More detailed documentation for Content Access Policies is coming soon.
Content Access Policies are configured from the dashboard and are desktop-only.
Where to find it
Open any role via Roles → Create / Edit Role. The Content Permissions tab is where you define access policies for that role.How the policy model works
Access follows an Allow / Deny model with two rules:- Deny always overrides Allow. If a user has a Deny policy from any role, access is blocked regardless of Allow policies elsewhere.
- Default is zero access. Unless a policy explicitly grants access, a role has no access to a content type or action.
Defining policy rows
Each row in the Content Permissions tab defines access along three dimensions:| Dimension | Description |
|---|---|
| Content type | Which content type the rule applies to |
| Action | The operation being controlled (e.g. view, create, edit, delete, publish) |
| Field | A specific field within the content type (custom types only) |
Supported content types
Policies can be applied to:- Custom content types — full support including field-level rules
- System default content types — policy support at the content-type and action level
- Partial entity content types — policy support at the content-type and action level