Group Level Permissions
Most administrators prefer to start by setting folder permissions on the group level. When a user is added to a group, either during new user creation or by editing the user profile, they will automatically inherit all folder permissions assigned to the group.
Examples of access control configurations might involve granting all company users the ability to list and preview files in the Company Documents folder, providing non-administrator members of the IT team full access to all IT department folders along with view history permissions for all other files on the server, and restricting access to the HR folder exclusively to members of the Human Resources department, who can then have Read/Write privileges for the files within.
Edit a group to assign or manage the folder permissions for that group.
Permissions at the group level should be broad and relevant to that sub-section of users.
Multiple Group Permissions
When creating or editing a folder permission, selecting a group allows adding additional groups to the same permission. In the permissions table, multi-group permissions display as a single row with group names joined by AND. Single-group permissions display the group name only.
When you create a folder permission for multiple groups, the permission only applies to users who are in every group for the permission. For example, if you have a Managers group and an East Office group, you can create a single folder permission associated with both groups. Only users who are members of both groups receive the permission. Users who are in the Managers group but not in the East Office would not be granted any folder access by the permission.
Multi-group permissions are also useful when access to a folder should only be granted to users who belong to a specific combination of role and responsibility. For example, a folder containing sensitive HR documents for a specific client can require membership in both the HR group and the Client A group. A user who belongs to only one of those groups will not have access.
Requiring That Groups be Used for All Permission Assignment
To ensure consistency in how your site is applying permissions, a site administrator can require all Permissions to be assigned only to Groups, and not to individual users.
With this feature enabled, you can ensure that a group permission framework is followed, and no one - whether accidentally or purposely - grants users individual permissions.
You can enable this Manage all folder permissions via groups option within your site's Group settings.
Enabling this setting will not remove permissions previously granted to individual users.
Get The File Orchestration Platform Today
4,000+ organizations trust Files.com for mission-critical file operations. Start your free trial now and build your first flow in 60 seconds.
No credit card required • 7-day free trial • Setup in minutes