Authorization framework
Resources that can be authorized usually correspond to a leaf level menu item. As a consequence the menu structure which every user sees depends on their permissions. If the user has at least view permission for a given resource. The required menu section and corresponding leaf level to access the page is displayed. If the user has no permissions for any resource in a menu section, the whole menu section is not displayed.
When the user can navigate to pages of another related resource, ION authorization framework expects that the user have explicit permissions for the destination resource. If not, the access channel to the related resource is either not shown or a Permission Denied error message is displayed. Same behavior is exhibited when importing one resource tries to create another related resource. In this case, the user is expected to have appropriate permissions on the related resource as well.