With the 'Permission on content (entities)' you determine which objects an entity is allowed to read or edit. Not certain fields are authorised (this is done via the Permission Permission on content (fields)) but the entire object is authorised. Using the 'Permission on content (entities)' you set when a user is allowed to read the object. You are the first to uncheck the rights that you want to authorize with the 'Permission on content Authorisation (Type of Permissions)entities)' in the 'Permission on content (entities)', after which you indicate in the 'Permission on content (entities)' which rights apply to certain criteria. For filling in the criteria, see: Change criteria.