Enhanced Selectables on Access Rules

A first-class object has been added to the select interface to represent a user (owner, or public).

You can navigate to this object using the following fields:

policy[POLICY_NAME].state[STATE_NAME].owner[KEY]
policy[POLICY_NAME].state[STATE_NAME].public[KEY
policy[POLICY_NAME].state[STATE_NAME].user[USER_NAME|KEY]

Since KEY can include wildcards, a KEY of '*' selects all access items for owner, public, or a named user. Once the targeted user has been selected, the following fields are available:

Field Description
organization Returns any, single, ancestor, or related, depending on which option was selected.
project Returns any, single, ancestor, or related, depending on which option was selected.
access Returns the user's access mask.
filter Returns the user's filter expression.
revoke Returns TRUE if the access item denies access, FALSE if it grants access.
key Returns the user-assigned identifier string for this access item.
login Once the targeted user has been selected, the login field is also available. Returns TRUE if the access item applies to the login role, FALSE if the access item applies to the user assignment.

For more information, see Appendix: Selectables.