Regular, computed, and dynamic groups

You can create the following groups in the Group form:

• Regular groups—Explicit groups that you create and to which you assign a specific list of users. For information about assigning users to groups, see Creating-and-modifying-users.
• Computed groups—Explicit groups that you create and to which users are assigned based on the memberships of explicit groups included in an expression. For example, you can create a computed group definition such as (A AND B) OR C AND NOT D. This computed group includes the list of users who are members of both groups A and B, or members of group C, but not members of group D.
   Computed groups make groups easier to manage. You can manage your users in a limited number of regular groups, and use computed groups based on these regular groups for more complex access control without the need to make changes in multiple groups.

• Dynamic groups—Implicit groups are similar to the reserved Assignee Group group in that the contents of special fields determine group membership. For more information, see Controlling-access-by-using-implicit-groups-Row-level-security.

AR System provides two types of groups:

• Explicit groups—Groups to which you must manually assign users in the User form. When a user becomes a member of a group, the user is given access to all objects and fields to which the group is granted access.
   Explicit groups that you create are defined for a particular server. If you move the objects to a new server with its own defined explicit groups, you might need to resolve permission conflicts. Consider using a deployable application, which uses role permissions that can be mapped to different groups on different servers. For more information, see Role-based-access-overview. For information about assigning users to groups, see Creating-and-modifying-users.
• Implicit groups—Groups that depend on specific user circumstances and situations. Users belong to these groups based on specific conditions, such as the contents of special fields within each request. You do not directly assign users to implicit groups. Any dynamic groups that you create are also implicit groups. For more information, see Controlling-access-by-using-implicit-groups-Row-level-security.

Here are access control group types:

Membership in multiple groups

Users often belong to multiple groups in an organization. They inherit permissions from each of the groups to which they belong. If a group has permission to access a form, field, request, active link, or active link guide and a user belongs to that group, the user has access, even if the user belongs to other groups that do not have access.

How permissions work