09-05-2019 07:03 AM
Official documentation tells this:
CAUTION:Don't give permissions to users who aren't a member of the site, as this can cause problems with the document library.
What does it mean? What problems we toking about?
If it's a technical problems, why Share search new customer in EVERYONE, but not in the site members list.
It it's a logical problems, how can I work with my project team in one project document librery, and at the same time approve contract with my lawyer, approve finance plan of project with my CFO, logistic documents with my department of transportation etc. According above almost all my company should be a members o project site, and all of them will read all documents of all projects. It's pointless.
Where is my conclusion wrong?
09-06-2019 06:12 AM
Share used to have an action that allowed permissions to be granted only to the coarse grained role groups for the site, but people felt it was too restrictive. Now they allow any user / group to be granted a permission, but have to put up that warning for people not to shoot themselves in the foot.
Essentially, when you grant a person / group permissions on a folder / document, but they are not a member of the site, they could technically access the folder / document, but the Share UI won't work correctly, because some parts of the UI require for e.g. document-details or documentlibrary require the user to be member of the site to access some details about the context.
It generally is perfectly fine and there are no problems if you only use WebDAV on the other hand, e.g. the user / group can access the folder / document by using the direct path, and they should have no issues (unless they try to navigate upwards into parent folders that they don't have access to).
And I beg to differ, but it should not be pointless. Everyone who needs to have access to (some) content in the site needs to be made a site member, e.g. a simple Consumer. Then, in the document library, you should probably make sure that every top-level folder has its permission inheritance disabled, so that not all members can automatically see all the content. And from there on, you can give selective access permissions on the relevant structure (you may have to also disable inheritance in sub-levels if you don't want to give access through every layer).
Also, using Smart Folders may be an easy way to simplify permission management. Instead of having to assign permissions on complex folder structures, you only need to assign permissions at the lowest levels of structures / documents that a user needs access to, and by using Smart Folders, you can then present a virtual folder structure by which they can navigate to the documents / folders to which they are allowed access.
09-07-2019 12:07 AM
Axel thanks, all is clear!
Can you suggest a source where I can glean concept information like you giving here? Book or some thing about organisation of data, concept guide of documents store structure?
09-08-2019 04:24 PM
I am not aware of any source to recommend. So far I have not used any books or other concept guides concerning document management, and most of what I recommend is solely based on project experience.
09-08-2019 06:08 PM
As I expected, expirience, expirience...
Thanks a lot!
Explore our Alfresco products with the links below. Use labels to filter content by product module.