Manage File, Folder, and Custom Object Security

You can specify which users have access to files, folders, and custom objects, as well the level of their access by assigning members. Members can be individual users or groups of users. By default, no members are assigned, meaning that all users have access to all files, folders, and custom objects. Once any members are assigned to the Access Control List (ACL) for a file, folder, or custom object, any users requiring access must be assigned to Access Control List.

Learn About the Access Control List

The Access Control List lets you add and remove members to control who has access to certain files, folders, and custom objects. You can also control whether the member can only view the content, modify the content, and delete the content.

A file, folder, or custom object that does not have an Access Control List defined uses role-based security.  Refer to Managing Roles for more information.

Note:

In Workgroup, Collaboration, and Professional editions, file security can be determined by the state of the file. If there is neither state-based nor folder security, then the file security is based on the user's role. 

The following table explains each permission and just what the member can do:

Permission Access
Read
  • Allow - Content can be viewed. 
  • Deny - Content cannot be viewed.
  • None - Content can be viewed provided that the member is not explicitly denied view rights based on state security or folder security. 
Modify
  • Allow - Content can be modified. 
  • Deny - Content cannot be modified. 
  • None - Content can be modified provided that the member is not explicitly denied modify rights based on state security or folder security. 
Delete
  • Allow - Content can be deleted. 
  • Deny - Content cannot be deleted. 
  • None - Content can be deleted provided that the member is not explicitly denied delete rights based on state security or folder security. 

Manage File Security

You can quickly examine security  details and make changes to security settings through the context menu.

View File Security Settings

  1. Right-click on a file, folder, or custom object in the vault and select Details.

    You can also access the Details dialog by selecting Details from the File menu.

  2. In the Details dialog, select the Security tab. A summary of the security information is displayed, including the current security mode and the list of users with access. If the Access Control List is empty, all users have access. Once any members are assigned to the Access Control List e, only users on that list have access. 
    Note: If there is neither state-based nor folder security, then the security is based on the user's role.

    State-based security is available only in Workgroup, Collaboration, and Professional editions.

Override File Security Settings

  1. Right-click a file, folder, or custom object in the vault and select Details.

    You can also access the Details dialog by selecting Details from the File menu.

  2. In the Details dialog, select the Security tab. The Override Security check box is accessible, even when the security mode is role-based.
  3. Select the Override security check box to enable the Access Control List associated with the file and manually edit access permissions.
    Note: If the Override security check box is selected but no permission changes are made, the system assumes that the user wants to create a new security access control list with the same settings.

Add a Member to Access Control List

  1. Right-click a file, folder, or custom object in the vault and select Details.

    You can also access the Details dialog by selecting Details from the File menu.

  2. In the Details dialog, select the Security tab.
  3. Click Add.
  4. In the Add Members dialog box, select the users or groups to assign to the current file, folder, or custom object, and click Add.
  5. Click OK.
  6. The Access Control List lists the members with access to the file, folder, or custom object. Select a member for whom to configure the permissions.
  7. In the Permissions box, enable or disable the Allow and Deny check boxes for each permission.   

    For example, for Read-only access, select the Allow check box for Read, and the Deny check box for Modify and Delete.

  8. Click OK.

Remove a Member from a File

  1. From the Access Control List, select a member.
  2. Click Remove.
  3. Click OK. The selected member can no longer access the file, folder, or custom object.
    Note: Select Deny for all three permissions to restrict a member of a group from accessing a folder to which the group has access. Add the restricted member as an individual on the Access Control List and then set the permission for that member to No Access.
Parent topic: Work with Files and Folders in Vault