Any organization has its hierarchy of authority that describes the responsibilities and powers of employees. Each employee has a specific role in the company and a level of access to information.
In QuickBPM you can specify who is allowed to view, edit or delete files, folders, and documents as well as change their access settings.
Access to documents
Access permissions to an app can be configured depending on the employee's position or role. For example, employees can view, edit or delete only those invoices that they have added themselves. However, the CEO has full access to all invoices created by their subordinates.
To manage access settings, open a document app and click the gear icon to the right of the app's name. In the drop-down menu select Access Settings.
The Access Settings page will open. The default option is All users have access to the app and all its items. This means that any user in the system can create, view, edit and delete documents.
Choose the option Restrict access to data to configure granular access permissions. It allows you to select employees and specify what actions they are allowed to perform with documents.
There are two ways to restrict access to app items:
- Restrict access to app
If you select this option all documents in the app will have identical access permissions. For example, all users will be allowed to view documents, while only managers will be able to edit and create documents.
- Restrict access to app items
If you select this option, access can be configured individually for each document in the app. Specify permissions that should be given to all documents upon creation; then open the viewing form of a specific document and configure individual access settings.
For example, you can grant full access to documents exclusively to their authors. In this case, when opening an app page, an employee will see only those documents that they created themselves. The documents added by their colleagues will be hidden since only the author has permission to view them. If an employee wants to share a document with someone inside the company, access to this specific person is provided on a document viewing form.
Types of access permissions to documents
- View/Read – users can view the app item. Items of the Document type can be downloaded to PC.
- Create – users can create new app items.
- Edit – users can edit the existing items, change their names and, in case of Document type items, add file versions.
- Delete – users can delete app items.
- Assign Permissions – users can grant permissions and limit access to app items for other users. This option is available only if the Restrict access to app items is enabled.
- Full Access – all the above-mentioned actions are allowed.
Individual access permissions to a document
If you have selected the option Restrict access to app items, you will be able to provide/restrict access to specific documents within the app. To do this, go to the app page and open the item. In the preview window, click the lock icon in the top right corner.
In the window that opens, you will see two sections: Common permissions for app items and Specific permissions.
- Common permissions for app items.
Here you can see the access permissions as configured for all the documents in the app. These permissions cannot be changed in this window.
- Specific permissions.
Access to files
By default, files inherit permissions from the parent folder, however individual access permissions can be set for certain files if needed.
Please note, you can change access settings if you are a system administrator, the author of a file or folder, or if you are allowed to assign permissions.
To manage access to a file or a folder, go to the Files section, select an item and open the menu with available settings. To do this, click on the three dots icon to the right of the file or folder name. After that select Manage Access.
Access permissions are grouped in two sections: Parent folder permissions and Specific permissions
- Parent folder permissions.
By default, all new files and folders inherit the permissions of the parent folder. They are displayed in the upper part of the window and cannot be edited, but you can deselect the option of inheriting parent permissions.
- Specific permissions.
Here you can give access to a folder or document to someone else, except for the employees listed above. To do this, click on the + Add button. In the window that opens, select a user, a group of employees, or an item of an organizational chart.
Types of access permissions to files and folders
- View/Read – allowed to view the file/folder, as well as download file versions to the local computer.
- Create – allowed to create files in the current folder. This option is available only for folders.
- Edit – allowed to make changes to the file contents, add versions, rename and move folders/files, create links.
- Delete – allowed to move the file to the recycle bin. This option is not available for folders.
- Assign Permissions – allowed to give and restrict access to the file/folder.
- Full Access – all the above actions are allowed.