Custom access group designations are provided to address the needs of a group to view, edit, and delete categories and records made available within a knowledge base only to members of that group (or specifically denied to that group). KB Meister supports the use of any number of custom access groups within an account, including none.
A SysAdmin is required to add a new custom access group and to assign or remove users from it. A SysAdmin or a user with editing capabilities who is a member of a custom access group may add or delete the same custom access group designation to a category or record (knowledge object).
Custom access group rights are evaluated before a SecLev. For example, a user with a "Librarian" SecLev with access to view and edit records with a "Public" SecLev will not be able to view a record designated as view-only to a "Board of Directors" custom access group. Without an ability to view that record, the Librarian also has no access to edit it.
A category or record with a custom access group designation may be additionally designated as accessible or denied to members of that group. Although granting access is the most common, it may be useful to deny access to a specific group, for example, to keep members of a "Contractors" group from viewing records dealing with profit-sharing for employees.
Unlike a SecLev which has set restrictions about what a user can view, edit, or delete, a custom access group designation may also specify if a user may view, edit, or delete the designated record.
For a proper overview of how an item's SecLev fits into overall access rights, see Security Access Management in the "More Info" below.