Permissions
Files.com makes it simple to control user access permissions for folders within your site. Access permissions can be dictated on the user or group level.
Permissions can also be layered together between Group and User settings to provide additional customization to suit individual user's needs.
No matter which method you choose to assign folder access permissions, your changes will automatically apply to impacted users upon saving the permission. This is especially useful when adding a new folder permissions for all users within an existing group.
Site administrators can assign users or groups the following permissions:
| Key | Description |
|---|---|
Admin | Able to manage settings for the folder. |
Full | Able to read, write, move, delete, and rename files and folders. Also grants the ability to overwrite files upon upload. |
Read/Write | Able to list and download files and folders, and upload files and create folders. |
Read | Able to list and download files and folders. |
Write | Able to upload files and create folders. |
List | Able to list files and folders, but not download. |
Share | Able to share files and folders via a share link. |
History | Able to view the history of files and folders. (Power plan and up) |
Site administrators will use an identical workflow to create a permission for both groups and users.
To begin, navigate to the appropriate settings page (either Group, User, or Folder).
Use the Add folder permission button to start creating the folder access permission.
Choose the folder you would like to grant permissions for. Sub-folders can be accessed by clicking on the folder icons with a + symbol on them.
Folder permissions must be created one folder at a time. You cannot check multiple folders.
In the Add Permission drop down field, select the appropriate access permission.
Finally, select if you would like this permission to apply to all sub-folders from this folder, or only for the folder selected. If you would like to only apply to the selected folder and not the recursive sub-folders, then check the This folder only (not sub-folders) checkbox. With this setting enabled, you are still able to add additional folder permissions for sub-folders by creating a new permission and selecting the sub-folder desired. A full description of permissions levels and the access they grant can be found in the Terms and Symbols section.
Once added, all permissions will be displayed in the table. You may see an asterisk on a permission bubble in the table. This indicates that access to the specified folder has been granted only to the target folder, but not to any of its sub-folders.
To prevent assignment of permissions to non-admin users at the root folder level of your site, enable the Restrict root folder permissions setting. To find this setting, type Restrict root folder permissions in the search box at the top of every page and click on the matching result. Once this setting is enabled, it will prevent assigning non-administrators any permissions to the root folder of your site.
Files.com also allows Power and Premier plan subscribers to grant groups and users permission to view the event history for a given folder and the files contained within. This is an additional setting to be combined with another access level permission. To enable this setting, add a new (additional) permission and select the history option in the Add permission dropdown box.
Site administrators are able to revise group folder permissions using a similar workflow. There is no way to edit a specific permission, so you can simply delete the folder permission row and add the updated permission setting. This saves time, increases accuracy, and is duplicatable by all administrators on the account.
While in the Folder permissions setting table, choose the row containing the folder path and click the Revoke button and then click the Yes, delete button to confirm deletion. This will permanently remove the folder permission setting.
Additional permissions can be assigned using the appropriate settings page (either Group, User, or Folder).
Additional permissions can be added by selecting Add new permission and selecting the appropriate access permission, and indicating whether the permissions apply to all sub-folders from this folder, or only for the folder selected.
Most administrators prefer to start by setting folder permissions on the group level. When a user is added to a group, either during new user creation or by editing the user profile, they will automatically inherit all folder permissions assigned to the group.
Some examples might include:
- All users in the company have the ability to list and preview all files in the Company Documents folder.
- Non-administrator members of the IT team need full access to all IT department folders and files and view history permissions for all other files on the server.
- Only members of the Human Resources department should be aware of and have access to the HR folder. Anyone within this department can have Read/Write privileges to the files contained within.
To view the and modify the permissions for a particular group, navigate to the group settings using Settings > Groups tab, and then click the group name to open the group profile.
Next, begin adding or modifying permissions as described above. Permissions at the group level should be broad and relevant to that sub-section of users.
Often, site administrators will need to grant additional permissions to folders on an individual user basis. This can include folders not-covered in the group definition or even override a folder permission set on the group level.
To view the and modify the permissions for a particular user, type Manage users in the search box at the top of every page and click on the matching result.
Next, begin adding or modifying permissions as described above.
Only folder permissions granted to the individual user are listed in this table. Group permissions are not displayed in the user's profile.
When a folder is moved on Files.com to a different location, all of its folder permissions, folder settings, as well as notifications will also move. This includes permissions assigned to users and groups.
For Remote Mounts, folder moves initiated from the remote server will not be reflected in Files.com.
Deleting a folder that users or groups have been granted permissions to will remove those privileges from all associated users and groups. Adding a new folder of the same name or restoring the folder will not restore those permissions; they must be granted to each of the associated users and/or groups again.
If the deleted folder was a user's FTP root folder, the folder will be automatically created when the user next logs in, but they will not have any assigned rights for the folder.
Administrators can view, modify, and add both group and user permissions for a specific folder within the folder's settings.
To begin, navigate to the desired folder from the Files panel and then select Permissions.
Click in the Permissions area to view the current group and user access for this specific folder. Remember that any permission bubbles containing an asterisk * indicate that the user/group has permissions for this folder only and not the recursive sub-folders.
Here, you can add and modify permissions as described above.
To ensure consistency in how your site is applying permissions, a site administrator can require all Permissions to be assigned only to Groups, and not to individual users.
With this feature enabled, you can ensure that a group permission framework is followed, and no one - whether accidentally or purposely - grants users individual permissions.
To enable this feature, type Manage all permissions via groups in the search box at the top of the page and click the matching result. Scroll down to change the Manage all permissions via groups toggle. This setting requires the Power or Premier plan.
Enabling this setting will not remove permissions previously granted to individual users.
Files.com does not have an option to exclude only certain child folders from a parent folder's permissions. Other systems (such as Active Directory) call this concept negative permissions. Files.com does not have the ability to synchronize negative permissions from Active Directory.
As a workaround, Files.com does support non-recursive permissions. You can assign non-recursive permissions on the parent folder by checking the This folder only (not sub-folders) option when you create the parent permission. You can then assign additional permissions only on the desired sub-folders.
This also allows assigning permissions at the top-level and lower-level folders, while excluding a middle-level folder. Given the folder hierarchy /Folder A/Folder B/Folder C/, you can assign permissions on Folder A with the This folder only (not sub-folders) option checked and then assign permissions on Folder C.
If your folder structure changes frequently or if it is complex, you should consider restructuring the folders to accommodate the permission scheme required for your use case.
Get Instant Access to Files.com
The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.
Start My Free Trial