Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
shared/team/folders/access/controls [2019_10_29 17:54]
steven
shared/team/folders/access/controls [2020_05_11 20:38] (current)
steven [Subfolder Access within Private Folder]
Line 3: Line 3:
 {{ youtube>​9J6Zr-6OjaY?​medium }} {{ youtube>​9J6Zr-6OjaY?​medium }}
  
-####Last updated: ​March 72019+####Last updated: ​May 112020 
 The org. admin can manage access to any Shared Team Folder. ​ This means that he can control who has access to a Shared Team Folder, and he can grant access to himself. The org. admin can manage access to any Shared Team Folder. ​ This means that he can control who has access to a Shared Team Folder, and he can grant access to himself.
  
Line 19: Line 20:
  
 ##Inherited Permissions and Managed Folders ##Inherited Permissions and Managed Folders
-When a Shared Team Folder is created, either as a new folder or by converting an existing folder, any folders beneath that folder in the directory tree inherit whatever permissions are applied to that folder (but not necessarily the permission modifiers, which are discussed later in these notes). ​ If permissions are changed on the Shared ​Tea Folder then the folders beneath it inherit the changes.+When a Shared Team Folder is created, either as a new folder or by converting an existing folder, any folders beneath that folder in the directory tree inherit whatever permissions are applied to that folder (but not necessarily the permission modifiers, which are discussed later in these notes). ​ If permissions are changed on the Shared ​Team Folder then the folders beneath it inherit the changes.
  
 Permissions can be changed by a user with the appropriate authority on folders that are beneath a Shared Team Folder in the directory tree.  When this happens, the folder on which permissions were changed becomes a Managed Folder. ​ At the moment that a folder becomes a Managed Folder it stops inheriting access permissions from the folder above it in the directory tree, and changes to the permissions on its parent folder’s permissions no longer apply to the newly created Managed Folder. Permissions can be changed by a user with the appropriate authority on folders that are beneath a Shared Team Folder in the directory tree.  When this happens, the folder on which permissions were changed becomes a Managed Folder. ​ At the moment that a folder becomes a Managed Folder it stops inheriting access permissions from the folder above it in the directory tree, and changes to the permissions on its parent folder’s permissions no longer apply to the newly created Managed Folder.
  
-These permission modifiers are inherited ​by unmanaged subfolders:​ +A new Managed Folder allows no access to any users or roles except those granted ​by the user who created the Managed Folder by changing a permission. ​  The new Managed Folder’s default access level is copied from its parent folder at the time the Managed Folder is created and can be changed independently of the parent folder’s default access level.
-  * List Only +
-  * Web View Only +
-  * Can Share Files+
  
-These permission modifiers are not inherited by unmanaged subfolders:​ +##​Permission Modifiers
-  * Subfolder create disabled +
-  * Upload disabled +
-  * File rename disabled +
-  * File move disabled+
  
-A new Managed ​Folder ​allows no access to any users or roles except those granted by the user who created ​the Managed Folder by changing ​permission  The new Managed Folder’s default ​access ​level is copied from its parent folder ​at the time the Managed Folder ​is created and can be changed independently of the parent folder’s default ​access ​level.+Permission modifiers provide more granular control over permitted operations. This table summarizes the permissions modifiers:​ 
 + 
 +{{ ::​stf_permissions_modifiers.png?​direct&​400 |}} 
 + 
 +Some modifiers are mutually exclusive:​ 
 +  * //Create Shared Links// and //Web View Only// cannot be used together 
 +  * Neither //Create Shared Links// nor //Web View Only// can be used with //List Only//.  
 + 
 +## Subfolder Access within Private ​Folder 
 + 
 +As an advanced example, how can we grant a user or group access to specific subfolders within a private subfolder?​ 
 + 
 +First, grant the use "List Only" permission on any parent folders they don't have access to. This will allow the user to navigate to the subfolders they'​ll have access to, but not access any content. (If this is not desirable Business Groups or Shared Folders may be better fit)If there are multiple parent folders recognize you can also use Permission Inheritance as described above. 
 + 
 +{{ ::​shared:​team:​folders:​access:controls:parent-folder-list-permission.png?​nolink |}} 
 + 
 +Then grant access as desired for each of the subfolders. Note that any inherited permissions will be lost when the subfolder permission ​is added. If still needed they can be explicitly added to the subfolder as well. 
 + 
 +{{ ::​shared:​team:​folders:​access:​controls:​subfolderacccess.png?​nolink |}} 
 + 
 +You can also disable "List Only" access for other subfolders within that parent folder ​(or other parent folders): 
 + 
 +{{ ::​shared:​team:​folders:​access:​controls:​other-subfolders.png?nolink |}}