Restricted Scope

Entities that are Restrictable will have a restricted scope defined. This scope is applied on every base query our endpoints provide.

When requesting data from the intratool API all queries to Restrictable models will be restricted to the current user.

There are administration routes where EntityPermissions are ignored so privileged Users can access the requested content without having the EntityPermission.