Folder Security


Folder security determines which users have the ability to interact with or manage the folder, such as viewing the documents within the folder, changing the folder name or other folder properties, viewing the folder workflow routes, or modifying the folder security. Like with document security, there are six different levels of permissions: public, viewer, editor, owner, VaultAdmin, and VaultAccess.

Owners of the folder or users with administrative rights can modify the folder security. When a subfolder is created, VisualVault copies the security settings from the parent folder. When a subfolder is moved or copied, it will drop all folder and document level security. It will then reset the security on the folder and the documents with the security of the new parent folder. In the event that a folder is copied or moved to the first level of the document library, it will maintain the security it had as a subfolder. See Moving and Copying Folders for a detailed description on what happens to folders as they are copied and moved.

Under various circumstances administrators will need to plan out a folder security plan to grant security for a given group of users. For example lets say that you have a three deep folder structure. On the third level there are various folders that different groups of users should view and other folders they should not see at all. To establish visibility down to the third level, users must have view access to through the parent folders. Then on the third level folder, give the appropriate rights to folders that the user needs to see. If the users do not have viewer access, they will not see a folder at any level. Planning out and testing the security plan of your document library can give you the leverage you need to create a simple or complex environment depending on your business needs.

If owners or administrators give users access to a subfolder, but not to the parent folder(s), users will not see the subfolder or its documents in the Document Library. The documents, however will be visible to users through My Email Alert Subscriptions or Advanced Search.

Step-by-step instructions on how to modify folder security are given in the following sections.

Granting Security Access to a Folder

Grant Security Access:

  1. Navigate to the folder in the document library.

  2. Select the Security tab in the Folder Properties.

  1. Select the Modify Security button.

  2. Select Users or Groups in the Members Selection area to be added. If needed, use the Search capability to locate the user or group.

  3. Add users or groups as either Owners, Editors, or Viewers of the folder by selecting the appropriate button
    - Owners: have rights to change security, edit, delete and view folders
    - Editors: have rights to edit, delete, and view folders
    - Viewers: have rights to view folders

  4. If you desire to apply the security for a folder and all its subfolders and documents in those subfolders, select the "Apply Changes to Subfolders" button.

Users can also access the security settings of a folder by right clicking on the folder and selecting Security.

Removing Security Access to a Folder

Remove Security Access:

  1. Select the Security Tab

  2. Select the Modify Security button.

  3. Select the Users or Groups in the Assigned Members area to be removed.

  4. Select the Remove button.

  5. Select the Apply to Subfolders if you want to remove any access that the user might have to any of the subfolders.

Rights that have been configured specifically on a document are not removed through this process. Owners or administrators must remove access directly from the document.

A detailed table is given in the next section describing the various folder-level functions and which permission levels are able to perform these functions.

Folder Permissions

The following is a list of permissions granted to each role within the Folders of the Document Library.

Application/Area Ability

VaultAccess

VaultAdmin

Owner

Editor

Viewer

Public

Create New Root Folders

X

X ∆

Create New Subfolders

X

X

X

View Folders

X

X

X

X

Upload Document(s)

X

X

X

Modify Folder Details

X

X

Set Folder Event Workflow

X

X

View Current Workflows

X

X

X

Set Security Rights

X

X

Delete Folders

X

X

Move Folders

X

X*

Copy Folders

X

X

* Owners cannot move folders to the root level.

VaultAdmin will see only folders where they have been given permissions if the folders were created by another user. By default, the VaultAdmin user will only see the Document Library folder and any folders that this user has created.