Index
Speaking of defining security criteria for folder or document...
The platform offers security settings options to define access permissions and restrictions, as well as actions on folders and documents. These security criteria can be configured specifically for each user, user groups, or all active users on the platform. Therefore, the same user can be configured with several types of permissions and restrictions for a given folder or document, considering the highest permissions and restrictions defined for this user.
Restrictions are used to override permissions; therefore, a restriction without a permission does not generate any results. Example of when a restriction can be used: a user group was granted full permission to a document. However, one of the users belonging to the group should have view-only permission. Therefore, a Modification type restriction must be registered for this particular user, which will only enable the user to view the document, and not make any changes.
Users must have full permission for the folder or document in order to define or change its security criteria.
Define security criteria for folder or document
01. In the Security tab, define whether the folder or the document should inherit the security criteria of the parent folder.
When the option Inherits security from parent? is checked, all safety criteria of the parent folder are assigned to the folder or document. If the parent folder also inherits the same security criteria, these criteria (from the "grandparent" folder) are applied to the folder or document, and so on consecutively.
Even if the security criteria are defined as inherited, you can include other criteria that will be exclusive to the folder or document.
This option does not appear when you create a document (folder or form) in the root folder, or when you create a folder or document in a folder that does not have any safety criteria defined.
02. Click on 1 – Permissions.
The permissions area allows you to configure access to the folder or document being created or edited.
03. Click on Collaborator to define permission criteria for a specific user.
04. In the window that opens, select the user for which the permission criteria will be defined.
05. Click on Select.
06. Define the permission criteria for the user in the columns shown next to
List content
When checked, this option determines that the folder or form content will be displayed in document browsing. When this option is not checked, the content can only be accessed from its link, even if the user has read and write permission, as the user will not be able to view the folder or form content. This option is only displayed for folders and forms.
Download and printing
When checked, this option determines that the user can download and print the document or the folder content, as long as the document or folder allows it, i.e., the field Allows download and printing, located on the General information tab – for documents – or in the Inherited properties – for folders – is checked.
All versions
When checked, this option determines that the security level (read, write, modification or total) will be valid for all versions of the folder or document.
Security level
Actions that the user will be allowed to perform on the folder or document. The available options are:
- R: Read. When checked, this option determines that the user can only view the folder or document;
- W: Write. When checked, this option determines that the user can add content inside the folder or to fill out a form; however, the user can't change the properties of the folder or of the form itself. This option is only displayed for folders and forms.
- M: Modify. When checked, this option determines that the user can modify the item in question, in addition to the actions allowed under Read and Write. In case of a folder, in addition to being able to view it and write content inside it, the user can also modify its properties. In case of a document, the user can modify its properties and content. However, the user cannot change the security criteria of folders and documents.
- T: Total. When checked, this option determines that the user has full permission for the item, i.e., the user can perform all the previously mentioned actions, as well as change the security criteria.
To exclude a user from the permission criteria, click on the bin icon located in the Delete column.
07. Click on Group to define permission criteria for a user group.
08. In the window that opens, select the user group for which the permission criteria will be defined.
09. Define the permission criteria for the user group in the columns shown next to the group name.
For more information about options for the columns, see Learn more in step 06.
To exclude a user group from the permission criteria, click on the bin icon located in the Delete column.
10. In Group rules, select the option that determines the rule that will be considered for user groups.
Depending on the option selected, the security treatment for groups will be different. The available options are:
- ALL group users: when selected, all group users for whom you have defined permission criteria will have access to the document/folder. This access is limited to the security level defined for the group. This option works with the concept of union of all groups.
- ONLY group common users: when selected, only group common users for whom you have defined permission criteria will have access to the document/folder. This access is limited to the security level defined for the group. This option works with the concept of intersecting users of groups.
For all options, the higher permission is always considered.
These rules are only applied when there is more than one group.
11. Click on All to define permission criteria for all platform users.
12. Define the permission criteria for all users in the columns shown next to All.
For more information about options for the columns, see Learn more in step 06.
To exclude the group All from the permission criteria, click on the bin icon located in the Delete column.
13. Click on 2 - Restrictions.
Restrictions are used to override permissions. Therefore, a restriction without permission does not have any effect in the security definition rule.
14. Click on Collaborator to define restriction criteria for a specific user.
15. In the window that opens, select the user for which the restriction criteria will be defined.
16. Click on Select.
17. Define the restriction criteria for the user in the columns shown next to the user's name.
List content
When checked, this option determines that the folder or form content will not be displayed in document browsing. This option is only displayed for folders and forms.
Download and printing
When checked, this option determines that the user cannot download nor print the document or the content of the folder.
Security level
Actions that the user will be allowed to perform on the folder or document. The available options are:
- R: Read. When checked, this option determines that the user can not view the folder or document;
- W: Write. When checked, this option determines that the user cannot add content to the folder or modify the characteristics of the folder itself; this permission only allows the user to view the folder. This option is only displayed for folders.
- M: Modify. When checked, it determines that the user cannot modify the item in question, but can perform all the actions mentioned earlier with previous level permissions. That is, in case of a folder, the user can only view it and write content, but cannot modify its properties or its security criteria. In case of a document, the user can only view it, without modifying its properties and content.
- T: Total. When checked, this option determines that the user has full restriction for the item, i.e., the user can perform all the previously mentioned actions – with previous level permissions – except for changing the security criteria for the item.
To exclude a user from the restriction criteria, click on the bin icon located in the Delete column.
18. Click on Group to define restriction criteria for a user group.
19. In the window that opens, select the user group for which the restriction criteria will be defined.
20. Define the restriction criteria for the user group in the columns shown next to the group name.
For more information about options for the columns, see Learn more in step 17.
To exclude a user group from the permission criteria, click on the bin icon located in the Delete column.
21. In Group rules, select the option that determines the rule that will be considered for user groups.
Depending on the option selected, the security treatment for groups will be different. The available options are:
- ALL group users: when selected, all group users for whom you have defined restriction criteria will have access to the document/folder. This access is limited to the security level defined for the group and to the result between permission versus constraint. This option works with the concept of union of all groups.
- ONLY group common users: when selected, only group common users for whom you have defined restriction criteria will have access to the document/folder. This access is limited to the security level defined for the group and to the result between permission versus constraint. This option works with the concept of intersecting users of groups.
For all options, the higher permission is always considered.
These rules are only applied when there is more than one group.
22. Click on All to define restriction criteria for all platform users.
23. Define the restriction criteria for all users in the columns shown next to All.
For more information about options for the columns, see Learn more in step 17.
To exclude the group All from the permission criteria, click on the bin icon located in the Delete column.