Is it possible to setup ACL to allow access to only certain collections, regions etc. instead of just all collection, regions etc…
Or can I just limit access to types of entities?
You can define permissions for groups in the collection settings for each collection individually. You don’t have to give global rights to user groups.
In the permissions tab you can set individual rules via PHP.
See this thread for some more explanations:
For granular user and read permissions, write your own rules in PHP. Some inspiration here: