Compartment Security and Indexing
Using more compartments means stronger security because compartments are ANDed. The roles within the same compartment are ORed. When a document or element is protected by more compartments, this implies stricter access. Roles without compartments are ORed amongst themselves and then ANDed with compartment roles. The general rules are:
If an element is protected by more compartments than the document’s, the element level protection is considered stronger.
Within the same compartment, if the element is protected for fewer roles, the element level protection is stronger.
There are situations where the weaker/stronger protection cannot be clearly determined. In this case, element level security is always considered to be stronger.
See Node Update and Document Permissions Expanded and Combination Security Example for more about security protection and indexing. For more information about compartment security, see Compartment Security.