access control clean up

mwasilew2 · mwasilew2 · commit 8d40df668c63 · 2025-08-08T14:31:42.000+02:00
Signed-off-by: Michal Wasilewski &lt;michal@mwasilewski.net&gt;
diff --git a/docs/concepts/spaces/access-control.md b/docs/concepts/spaces/access-control.md
@@ -114,10 +114,8 @@ roles["root"]["space-admin-role-id"] {
     To use custom roles in login policies, copy the role ID from **Organization Settings** → **Access Control Center** → **Roles** → select role → copy ID.
 
 !!! warning
-    - Please note that Login policies are only allowed to be created in the `root` space, therefore only `root` space admins
-    and administrative stacks, as well as `legacy` space administrative stacks can create or modify them.
-    - A logged-in user's access levels only get updated when they log out and in again, so newly added spaces might not be
-    visible to some users. An exception is that the space's creator immediately gets access to it.
+    - Please note that Login policies are only allowed to be created in the `root` space, therefore only `root` space admins and administrative stacks, as well as `legacy` space administrative stacks can create or modify them.
+    - A logged-in user's access levels only get updated when they log out and in again, so newly added spaces might not be visible to some users. An exception is that the space's creator immediately gets access to it.
 
 ## Inheritance
 
@@ -141,8 +139,10 @@ Let's analyze the tree starting from the left.
 
 As mentioned, the user was granted **Write** access to the `write access space` space.
 Because inheritance is enabled, they also received **Read** access to the `access propagates up` space and the `root` space. The reason for that is to allow users to see resources that their space can now use.
+
 Next, the user was given **Admin** access to the `admin access space` space. Regardless of the inheritance being off, they also received **Admin** access to the `access propagates down` space.
 This makes sense, as we want to allow admins to still manage their spaces subtree even if they want to disable resource sharing between some spaces.
+
 Finally, the user was given **Read** access to the `read access space` space. Because inheritance is off, they did not receive **Read** access to the `legacy` space.
 
 ## Related Topics
