Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification or destruction of all data, or performing a business function outside of the limits of the user.
How to enforce
ResourceSpace provides access control using a group membership mechanism where a user can belong to only one user group at a particular point in time. Each user group has permissions to different parts/functions of the system (e.g edit/view fields, download resources).
The function used to verify if a user has a particular permission is checkperm($perm).