3 Replies Latest reply on Jan 24, 2017 5:32 PM by Jason Capriotti

    Folder Permissions Question

    Jim Sculley

      I'm using EPDM 2016 Pro and I need to do something that I haven't come across before.  I need to grant access to a particular folder in the vault only to members of a particular group.  This folder is deeply nested in the vault and the users in this new group are completely new to the system.  If I set the 'Read file contents' permission on the folder, the new group still can't see the folder because all of the parent directories do not have the 'Read file contents' permission.  If I work my way up through the parent directories, adding the 'Read file contents' permission, the system sets the 'Read file contents' permission on all the subfolders as well, which I don't want.  I could go back and remove the 'Read file contents' permissions form these other subfolders, but in some cases there are hundreds of them.

       

      Visually, it's something like this:

       

      _EPDM

        +-Top Secret Stuff

        +-Other Secret Stuff

                         +- Secret Stuff 001

                         +- Secret Stuff 002

                         +- Secret Stuff 003

                          ...

                          +- Secret Stuff 499

                          +- Secret Stuff 500

                                    +-Non Secret

                                             +- File A

                                             +- File B

                                    +-Still Secret

                          +- Secret Stuff 501

                          ...

                          +- Secret Stuff 998

                          +- Secret Stuff 999

       

      I want to give this group access to folder Non Secret and everything in it, and no access to anything around or above it other than the ability to navigate to it.

       

      I can't help but think I'm missing something simple here.  Surely there is a way to to this without having to set the 'Read file contents' permission on _EPDM and then having to unset it on Top Secret Stuff, Secret Stuff 001 through Secret Stuff 499 and Secret Stuff 501 through Secret Stuff 999 and Still Secret

        • Re: Folder Permissions Question
          Lee CS Young

          It's by design. See solution S-054493.

            • Re: Folder Permissions Question
              Tim Webb

              Nice KB solution, thanks for sharing Lee CS Young

               

              I ran into this in 2011 with a vendor setup in a vault so I created a "vendor" folder area and made those permissions just for that vendor folder structure. Only supply chain and document control could see the vendor folders and only document control could add PDF and STP files to that folder for the vendors. Management, engineering, and manufacturing could not see the vendor folders at all so it was invisible to them.

               

              Jim Sculley, your post is exactly why I went this direction.

                • Re: Folder Permissions Question
                  Jason Capriotti

                  We had the same need for project folders, some people only need to see files in a certain folder. What I did was create a new group called "Project - Top level" and this group has one permission checked on the root project folder "Read file contents". No other access for any workflows of folders. This allows them to see the folder structure but no files. It does mean they can see the folder structure of areas you may not want them to see.

                   

                  Then I gave their main group (usually named by department) access to the sub folder and added the permissions "Read file content" and "Show working versions" and added permission to see the state the files are in.

                   

                  This works OK if you don't have any files with "Revision" tags as "Read file content"  on the state will allow them to see files with revisions. For us, project files don't have revisions and only one state so not an issue.