ACR Rules

⌘K
  1. Home
  2. Docs
  3. ACR Rules
  4. Security (28)
  5. Entity access default rights for new members should be None or Read

Entity access default rights for new members should be None or Read

Introduced in version 1.10 (May 2020)

Entity access default rights for new members should be None or Read. This forces you to think about each attribute that is added to an entity and prevents unwanted access by mistake.

You can configure to skip entities that belong to certain debug or developer user roles, so those user roles are allowed to have read-write by default.

Optionally one can choose to only allow only None. This is even more secure, but might be too strict for some.