In Pigment, access rights and permissions are treated just like any other data type such as number, integer, or text. This means you can create Metrics and use formulas to build custom security rules based on all of the data available in Pigment with a lot of flexibility. For example, you can restrict the access rights of a country manager so that they only see financial data for their own country, while central management can see a consolidated view for all countries. This article outlines how to build custom access rights rules, 

Create a New Metric for Access Rights

1. Create a new Metric.
2. Set the data type of the Metric to Access Rights.
3. Add the Dimensions you want to use to define the access rights.
   Ensure the Metric includes the User Dimension so Pigment can identify which users the rules will apply to.
    
4. Save the Metric.

Apply Custom Access Rights Rules

1. In the Application sidebar, click on Settings.
2. Select the Security tab.
3. Scroll down to the Access rights rules section.
4. Click + Add an access rights rule to create a new rule.

Settings for the access rights rule

Define the rule type to specify whether it applies to Read, Write, or Read & Write access. Next, determine how the rule applies.

You can apply rules to:

• Specific Metrics that contain the Dimensions in your access rights Metric. For example, Country, or Department.
• All Metrics with a set of Dimensions, including those in your access rights Metric.
• List Properties, specifying to which Lists and Properties to apply access rights. For example, Annual Salary Property of an Employee List.

Example