Typically, when the system determines a user's access rights to a class, it searches Access of Role to Object (Rule-Access-Role-Obj) rules for all of the access roles listed in the operator’s access group. Access is granted if any of these access roles permit it. You can, instead, control how many access roles are searched and the order in which they are searched.
The order in which access roles are searched is determined by the order in which they are listed in the operator’s access group. An option on the access group lets you specify that the search process stops as soon as an access role is found with a relevant Access of Role to Object rule that either grants or denies access.