Typically, in a content management system and in other contexts in which access to electronically stored content is restricted, a user (individual, system, application, process, etc.) is permitted to access a content item if the user is included, individually or by virtue of membership in a group, in an “access control list” (ACL) associated with the content item. Group membership typically has been defined statically, such as by receiving and storing a list of individuals who are to be considered members of the group, and determined at runtime by consulting the statically defined list.
However, it would be useful to have a way to grant to a user and/or group certain rights that are to be available to the user/group in only certain application or other contexts, such as during certain times of day, from certain physical systems, from certain types of system, from systems associated with a particular physical site, etc. Therefore, there is a need for an effective way to provide controlled access to manage content in some contexts but not others.