.. except from Draft and Submitted state.

Document security should be based on group, site, function defined on
document, sometimes publication section and or follow up, but the owner
should only be considered in draft state.

For conveniance (and compatibility), Owner is also allowed to view in
Submitted state. The use case is for when a user submit a document he
will not be allowed to see, for example because he made a mistake when
choosing properties, user is still allowed to view the document and
there's no unauthorized error.

We want to allow a user to set properties before publishing a document
and later, once the document is no longer draft, the security of the
document will be depending on these properties.

We want to prevent users to get permissions on a PDF document that would
be created by interactions and they are not supposed to see. For exemple
when we generate a PDF invoice and store it in document module. In this
case, as the interaction runs as the user, this user will have Owner
role implicitely.