...
- Collection level: Scenario 1: Bob is authorized to access collection object CO1 from collection ABC. Bob's attempt to access CO1 from ABC should be allowed. Scenario 2: Roger is a grad student at XYU. Roger wants to access collections of ABC. Without proper authorization from ABC, all requests by Roger to access any part of ABC should be denied.
- Field level: e.g. read permission only for accession numbers, but write permission for the rest of an object record.
- Procedural/Record level: e.g. user can view loan records, but cannot update them. User cannot view valuation records. Scenario 1: Bob wants to update CO1. However, Bob has only read permission to access ABC. Bob's attempt to update CO1 should be denied. Scenario 2: Curator Calvin is working on collection object CO2 at ABC. Calvin has set exclusive privileges on CO2. He does not want anyone at ABC to access CO2. CO2 exists only for Calvin. Scenario 3: Alice is in legal at ABC. She has permissions to access loans. However, she does not have any permission to access CO1. Alice should be allowed to access loan L1 but she should not be allowed to access CO1. Scenario 4: Bob is authorized to access collection object CO1 from collection ABC. Bob's attempt to access CO1 from ABC should be allowed.
- Function level: e.g. user can change the status of a vocabulary term (e.g. provisional add to accepted term).
...