Managing folder access (Permissions)

Only users that are members of a particular folder can access the files that reside in that folder. When the Library Administrator creates a new folder in order to protect the contents of the folder from unauthorized users, the administrator must associate groups (or users) with the folder. ONLY groups (or users) associated with a folder will have access to the folder (or even see it). Further the librarian can also restrict the permissions to groups once they are assigned as members of a folder.

The groups that are available to assign permissions at the folder level are inherited from the Cabinet in which the folder resides. In order for a group to be able to be assigned to a folder, they must be a member of the cabinet. After the group is added at the cabinet level, the new group will appear in the Available FileHold Group listing in the folder properties security section.

For more information on library and document security see, Library and document security.

If you see a red dot on a folder, this can mean that:

  • The user has read-only access to the folder.
  • The user has reduced permissions at those folder levels. For example, a user belongs to a group with an Organizer and Delete role and a group with a Document Publisher role. If only the group with the lower permissions (Document Publisher) has access to the folder, then the red dot appears. It does not affect what they can do in the folder; they will still have Document Publisher capabilities.
  • The group permissions have been modified using the Advanced Security options on the folder. You are able to give a user or group a role that is less than what is already designated to them. For example, you can modify a Cabinet Administrator’s role to reduce it to Document Publisher. If a group or user’s permissions are modified using the advanced security option, a red dot appears on the folder that has been modified when the user logs in.
Image
Modified security on folder

To edit the folder membership

  1. Right-click on a Folder name and select Properties.
  2. In the Folder Properties window, click the Security tab.
  3. Add or remove users or groups to the folder membership.
  4. To see which user roles the user or group belongs to, select the user or group name in the Current Members list and click Effective Permissions. The user role for that folder member will appear in the Effective Permissions list.
  5. To set advanced security options on a user or group, select the user or group name in the Current Members list and click Advanced Security Options. To modify the rights, select a user role from the list and click Apply. To revert to the default user role, click Restore.
  6. Select the Security Options check box if you want to inherit the security settings from the cabinet.
  7. Click OK.

Best practices recommendation

Whenever possible use only groups when assigning permissions and memberships. This makes it easier to add a user to the document management system. As a member of a group the user will inherit all of the permissions and access that the group has throughout the system.