Hyland Connect

thedramatic · ‎02-09-2011

Hi folks,

is there a way to explicitly deny a user to see specific folders in a space.

Group A: Engineer1 Engineer2
User:      NonEngineer1

Space 1        accessable and visible by Group A
Space1.1    inherits
Space1.2    inherits
Space1.3    inherits but is also visible by NonEngineer1

My Problem is that NonEngineer is not able to navigate to Space 1.3 because he can not see Space1 at all.
I could change permissions on Space1 by explicitly adding NonEngineer1 to the consumer List BUT:

I don't want NonEngineer1 to even see that there are other Spaces than his own Space1.3.

Reason NonEngineer1 is from a cooperating company and might be upset that he is not allowed to see all Space1 contents.
So I need a role that explicitly hides Space1.1 and Space1.2 from NonEngineer1.
I tried to find any restricting permission in permissionsDefinitions.xml but could not find one. They seem to only allow operation but not restrict them.

A possible solution would be to add NonEngineer1 as Consumer to Space1, remove the "inherit" mark on Space1.1 and Space1.2 and add Engineer1 and 2 to Space1.1 and 1.2.
But imagine that I have about 100 Space1.x folders. That would be a lot of work, be very unflexible and Groups would be useless at all.

Hope you can help me.
Thanks in advance.

thedramatic · ‎02-14-2011

bump

andy · ‎02-16-2011

Hi

You can use deny (but not via the UI) but this would break navigation.

You could expose them in another folder with secondary links to the files.
Permissions are inherited via the primary association.
So if a user can not see a file it is not visible via the secondary links.

You should be able to get a rule to make the secondary associations for you - you would have to write some script.

A folder defined by query would help your use case but that is not yet supported.
Query would return what they can see regardless of navigation.

Andy

Hyland Connect

Is there a Restricting Permission?