Specialized Administration > Ensuring Data Security > Access Control > Setting Permissions > Setting Permissions through the Policy Administration Utility
  
Setting Permissions through the Policy Administration Utility
Through access control policy rules, you can establish whether a specific participant is granted, denied, or absolutely denied permissions to the objects of a specified object type in a specified life cycle state.
Selecting certain permissions on the New Access Control Rule window automatically selects other permissions when granting access to an object type. For example, if a group is given permission to create an object, the group typically should also be able to read and modify the object; however, these automatic selections can be deselected.
The set of properties that control which additional permissions are automatically selected starts with the following:
wt.access.permissionImplies.
The following table lists the permissions that are selected automatically for each permission granted.
Permission
Selects
Full Control
None
Read
None
Download
Read
Modify
Download and Read
Modify Content
Modify, Download, and Read
Modify Identity
None
Modify Security Labels
None
Create By Move
Read
Create
Create By Move, Modify Content, Modify, Download, and Read
Set State
None
Revise
Create By Move, Modify Content, Modify, Download, and Read
New View Version
Create By Move, Modify Content, Modify, Download, and Read
Change Domain
None
Change Context
None
Change Permissions
None
Delete
Modify Content, Modify, Download, and Read
Administrative
None
For example, if you select Grant for Modify, the Grant for Read and Download buttons are automatically selected, as illustrated in the Permissions table on the New Access Control Rule window: