Access Control Lists

The Access Control List lets you add and remove members to control who has access to certain files, folders, and custom objects. You can also control whether the member can only view the content, modify the content, and delete the content.

A file, folder, or custom object that does not have an Access Control List defined uses role-based security.  Refer to Managing Roles for more information.

Note:

In Vault Workgroup and Professional, file security can be determined by the state of the file. If there is neither state-based nor folder security, then the file security is based on the user's role. 

Whether a Vault object has role-based security (no ACL defined) or object-based security, the security can be overridden. An override of security means that the system ACL still exists on the object but is being overridden by a newly defined ACL. This is called an Override Access Control List or an Override ACL. As long as an override ACL exists, the system ACL will be ignored. If the user removes the override ACL then the system ACL will become the new security.

The following table explains each permission.

Permission Access
Read
  • Allow - Content can be viewed. 
  • Deny - Content cannot be viewed.
  • None - Content cannot be viewed provided that the member is not explicitly allowed view rights based on state security or folder security.
Modify
  • Allow - Content can be modified. 
  • Deny - Content cannot be modified. 
  • None - Content cannot be modified provided that the member is not explicitly allowed modify rights based on state security or folder security.
Delete
  • Allow - Content can be deleted. 
  • Deny - Content cannot be deleted. 
  • None - Content cannot be deleted provided that the member is not explicitly allowed delete rights based on state security or folder security.
Parent topic: Work with Files and Folders in Vault