Example: restrict model-editing
What if you want to restrict the ability to create, edit, and delete Polytomic models to particular roles?
In this case there is no need to create a new policy (although you could if you wanted to). You can instead edit the built-in Models policy:
![perms-policy-models.png 1248](https://files.readme.io/e4edd25-perms-policy-models.png)
- Click the three dots in the top-right to edit the policy:
![perms-edit-policy.png 1258](https://files.readme.io/36f7040-perms-edit-policy.png)
![perms-policy-editing.png 1502](https://files.readme.io/31e88c8-perms-policy-editing.png)
-
Pick the authorised roles for the create, delete, and edit actions.
-
Save your policy.
This is a built-in policy that is automatically attached (thus enforced) to all models in Polytomic.
Inapplicable actions
You will notice that not every single action on a policy will apply to all objects. For example, the default policy above contains actions like sync_to and trigger:
![perms-sync-to-trigger.png 1186](https://files.readme.io/9513559-perms-sync-to-trigger.png)
It does not make sense to 'sync to' or 'trigger' a model. In situations where a policy action is inapplicable to an object, it and its attributes are ignored by that object. In the case of models, one may as well leave the sync_to and trigger actions blank.
Updated over 1 year ago