Library Security

FileHold has three levels of security:

  • At the Cabinet level.
  • At the Folder level.
  • At the Schema level.

If a user is having problems accessing cabinets, folders, or documents, make sure that they are members of the security groups that are set for that level. You will need to keep these levels of security in mind when creating the Library.

Cabinet, Folder or Schema membership

Your System Administrator manages the users and groups that are added as members to the Cabinets, Folders and Schemas. Users need to be members in order to have access to that part of the Library. The system administrator can employ the effective permissions report to view permissions in the system.

Cabinet security can be managed by a user with a Cabinet Administrator role or a group of cabinet administrators or higher role. If a user or group is not a member of the cabinet, then the user will not see the cabinet or anything inside the cabinet when they log into the system.

Folder security can be managed by a user with Publisher rights or a group of publishers or higher role. If a user or group is not a member of the folder, then the user will not see the folder or anything inside the folder when they log into the system. If you see a red dot on a folder, this can mean that:

  • The user has read-only access to the folder
  • The user has reduced permissions at those folder levels. For example, a user belongs to a group with an Organizer and Delete role and a group with a Document Publisher role. If only the group with the lower permissions has access to the folder, then the red dots appear. The red dot does not affect their abilities as Document Publishers in those folders.
  • The group permissions have been modified using the Advanced Security options (see below).

Schema security is managed by a user with Library Administrator rights or higher role. If a user is not a member of the schema, then the user cannot see, add, search, or use links to documents of that type.

Advanced Permissions

Using the advanced security area, you can modify permissions at the Cabinet or Folder level for FileHold Groups, giving them less permissions than they would normally have in other Cabinets and Folders. A red dot will appear on the affected folders for user's to indicate where this is taking place. Removing the modified permissions is completely possible, by resetting each group.

Advanced security does not allow an illogical assignment. For example, a library administrator who is not the owner, can not be assigned a cabinet administrator role or organizer role. For cabinet or folder owners, the advance security cannot be set.

Cabinet Advanced Security

Effective Permissions

A user can be assigned to a folder or cabinet as a result of being assigned to one or more FileHold groups. The actual users with access to the folder or cabinet and their role on the folder or cabinet can be found by pressing the Effective Permissions button.

For more information on user and group security, see:

Effective Permissions Report

The Library Structure

User Roles

Creating Groups

Creating Users and Groups

File Structure and Access to Documents

One of the ways that security is built into FileHold's document management system is through the use of user and group membership to the different parts of the file structure hierarchy (library).

Except for the library, a user must be a member of a cabinet to even see it displayed in their view of the document management system's file structure.

Permissions are usually inherited by the other objects (drawers, folders and documents) that they contain, although each object may be customized.

Note: Permissions may be restricted at a lower level or taken entirely away.

Security Rules

  • All users may see the library.
  • All users that are given access to a cabinet will see all of the drawers inside that cabinet.
  • However, the user may not have access to all of the folders inside of a drawer as permissions may again be restricted at the folder level.
  • Permissions to documents are restricted by the document schema to which the document is assigned.
  • Access to the library archives follows the same logic as the main library.