Applies To:
  • CitectSCADA 5.00, 5.01

Summary:
Access control for objects does not work correctly in Citect runtime. This problem manifests itself in the following behavioural problems:

  • Symbol sets not drawn as disabled when 'Disable on insufficient area of privilege' has been set and the user has no privileges.
  • All object types are not hidden when the user has no area access.
  • All object types are not disabled and can still be cursored to.


Solution:
CIT has confirmed this to be a problem in Citect for Windows versions 5.0 to 5.01. This problem has been fixed in version 5.10. In general, access control to objects will be handled as follows.

Each object (here a page is treated as an object with the exception that a page has no associated privilege) can have an area, privilege, commands, and sub-objects defined for it.

If a command is to be executed for a given object, the user must first satisfy the area requirements, then the privilege requirements for that object, and finally the access requirements for the command itself. For the commands of an object within a group, the access requirements of the parent group object must be met before the command can be executed. This applies recursively to any level of nesting, that is, in the case of groups contained within groups.

For an object to be visible, the user must either have viewing access to the area of the object or a privilege set within that area. If the object has no area restrictions then it is visible to all users. For an object within a group to be visible, the user must have viewing access to the parent group object as well as the object itself.

Access requirements for commands depend on the type. For touch input commands the access requirements are the same as those of the parent object. For keyboard commands the access requirements can be specified individually but, by default, are those of the parent object. By default an object will have no privilege or area restrictions, meaning that all users can see the object and execute the commands of the object.

Meeting the privilege requirements means that the user has the required privilege in the area specified for the object. If the object has no area specified then the user must have a global privilege matching that required. If no privilege restrictions apply for the object then any user that has met the area requirements also meets the privilege requirements. Assigning a user a global privilege gives that user that privilege in every area. As a consequence that user will also have viewing access in every area. 
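
The rules above can be checked against a small model when reviewing a project's area and privilege assignments. The following Python sketch is an added example, not Citect code or Cicode: the User and Obj classes and all function names are hypothetical, "area requirements" is assumed to mean the same test as viewing access, and a keyboard command that overrides only its privilege is assumed to be evaluated in the inherited area.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class User:
    view_areas: set = field(default_factory=set)     # areas with viewing access
    area_privs: dict = field(default_factory=dict)   # area -> privileges held there
    global_privs: set = field(default_factory=set)   # privileges held in every area

@dataclass
class Obj:
    area: Optional[int] = None       # None: no area restriction
    priv: Optional[int] = None       # None: no privilege restriction
    parent: Optional["Obj"] = None   # enclosing group, if any

def area_ok(u, area):
    # Viewing access, a privilege set in that area, or any global privilege
    # (a global privilege implies viewing access in every area).
    return (area is None or area in u.view_areas
            or bool(u.area_privs.get(area)) or bool(u.global_privs))

def priv_ok(u, area, priv):
    # No area on the object: only a matching global privilege satisfies it.
    if priv is None or priv in u.global_privs:
        return True
    return area is not None and priv in u.area_privs.get(area, set())

def visible(u, o):
    # Every enclosing group must be visible as well as the object itself.
    return area_ok(u, o.area) and (o.parent is None or visible(u, o.parent))

def access_ok(u, o):
    # Parent groups are checked first, recursively; then area, then privilege.
    if o.parent is not None and not access_ok(u, o.parent):
        return False
    return area_ok(u, o.area) and priv_ok(u, o.area, o.priv)

def can_execute(u, o, keyboard=False, cmd_area=None, cmd_priv=None):
    # Touch commands use the object's requirements; keyboard commands may
    # carry their own and otherwise default to the object's.
    if not access_ok(u, o):
        return False
    if not keyboard:
        return True
    area = o.area if cmd_area is None else cmd_area
    priv = o.priv if cmd_priv is None else cmd_priv
    return area_ok(u, area) and priv_ok(u, area, priv)

# Constructed sample: a valve needing privilege 2 in area 1, inside a group.
valve = Obj(area=1, priv=2, parent=Obj(area=1))
operator, viewer = User(area_privs={1: {2}}), User(view_areas={1})
```

With the constructed sample, the viewer can see the valve but cannot execute its commands, while the operator can do both.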

