Marking properties (Constraint Mask tab)

List of rights that will be Denied:
By default, all the rights are checked, meaning all constraints are masked and only those that have the Use Marked Object access rights on the marking will be able to view and access the object.

Clearing one of the rights in the constraint mask indicates that users with this privilege on that object are allowed through the marking restriction even if they do not have the Use Marked Object access right on the marking. In this way, the constraint mask can be used to design more granular control at the marking level.

See Markings for more information on markings and their relationship to FileNet P8 security.