How does the system know which documents a user can access?

Access to a specific document is based on a matrix of various permission levels. Here is the way permissions are determined:

Company Defaults
Default User Permission - This defaults to "Forbidden" but can be changed by a Company Super User account. This setting basically says "Unless specified, make all users and groups have this Default User Permission level as a default access level for all documents."

Default Folder Permission - This defaults to "Forbidden" but can be changed by a Company Super User account. This setting basically says "Unless specified, make all users and groups have this Default Folder Permission level as a default access level for all folders."

Folder Permissions Levels
Allowed - Permitted user can view and upload on folder
Forbidden - Permitted user cannot view and upload on folder


Outside of the Default User Permission setting and Folder setting each Document can be configured by two different access control sections:

User and Group Permissions Levels (one or many users)
Forbidden - Cannot see the document in the system
View - Can see the document details and can "preview" the document but not download it
Download - Can do everything from View as well as Download
Write - Can do everything from Read as well as Edit
Admin - Can do everything from Write as well as Delete.

 

When a user views the main Documents list, to determine if a specific user can "see" a document in the list here is how the system determines their access level:

  1. Does the company Default Folder Permissions allow them access to the folder where the document is held?
  2. Does the specific Folder Permission on the folder allow them to access based on their group? If so, is this user a member of one or more groups? If yes, what access level does the group they belong to have?
  3. Does the specific Folder Permission contain a specific user permission setting for this user? If so, what access level does the user have?
  4. Does the company Default User Permissions allow them access?
  5. Does the Document contain a group Permissions setting? If so, is this user a member of one or more groups? If yes, what access level does the group they belong to have?
  6. Does the Document contain a specific user permission setting for this user? If so, what access level does the user have?


Based on those various checks we take the highest level access found and use that for a specific document.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.