CONFIGURING
The access set for a user in an extended ACL can never exceed the access the database ACL, including the database ACL privileges and roles, allows the user. For example, if the database ACL allows a user only Reader access, you cannot use the extended ACL to allow Write access. Or if a user is omitted from the database ACL User Creator role, you can't use the extended ACL to allow the user Create access to Person documents.
About this task
Access set through a security feature in the database design also restricts the access you can specify in an extended ACL. For example, if a Readers field on a particular form prevents a user from reading fields in documents created with that form, giving a user Browse access to the form in the extended ACL does not override the access specified in the Readers field.
Related concepts Extended ACL
Related tasks Configuring a database ACL