Attachment Security Not Working as Expected
Summary:
After creating a document class and three new attachment categories, we still haven't been able to fully limit all user's access to some attachments
Content (required):
We have created a new document class with three new attachment categories where we want to greatly limit who has access to read those documents. I created data security policies and assigned these to roles but was only partially successful in my goal to limit user access. It appears that if a user role grants the "Maintain Item Basic" privilege to a user for an item or document class, then they can then create, read, update and delete attachments regardless of the attachment category. Is that correct?