8 lines
No EOL
546 B
Text
8 lines
No EOL
546 B
Text
[[_policy_logic]]
|
|
=== Positive and Negative Logic
|
|
|
|
Policies can be configured with positive or negative logic. Briefly, you can use this option to define whether the policy result should be kept as it is or be negated.
|
|
|
|
For example, suppose you want to create a policy where only users *not* granted with a specific role should be given access. In this case,
|
|
you can create a role-based policy using that role and set its *Logic* field to *Negative*. If you keep *Positive*, which
|
|
is the default behavior, the policy result will be kept as it is. |