discuss.answer
-
- 24,544 Posts
That's correct if you're talking about Context Access Policies (e.g. based on the Administrator Policy Template), but slightly backwards. If create is set to 'no' the user can't create anything anywhere, no matter what else you do. If create is set to 'yes', the user can only create things they have the specific permission for (new_document, new_snippet, etc.).
There's also a 'create' permission in policies that apply to Resource Group Access and Element Category Access ACL entries. Those only apply to resources in a specific Resource Group or Elements in a specific Category.