Introduction

EntityPermissions are a layer of permissions directly applied on user generated contents and are one core part of the intratool permission handling. While middlewares keep track of user privileges on application level, EntityPermissions provide a way to describe content level permissions.

Contents that should only be interactable by a user or a group of users, are attached to EntityPermissions by the intratool api and checked when retrieving data from an endpoint.

In that way, the structure of how permissions are stored and checked for contents is the same for all entities that utilize the EntityPermissions.