Acces control is limited and very specific:
The special admin user role that is assigned using the
config.json file is granted global access.
Following is an example setup for a security tracker with non public access and two additionally created custom groups:
However, this is a very first step… lots of optimization and testing required here.