Setting access for folders and objects
iMIS SysAdmins have Full Control access to all folders and objects in the Document System, so they can also define security privileges for every folder and object.
To access the Document System, you must use the Staff site.
Caution
- New folders have unrestricted access: When a new folder is created, the Everyone role is granted Full Control by default.
- Folder permissions are not the same as per-object permissions: you can set Control/Read/Add/Edit/Delete privileges individually for most definition object types in the Security page of its properties window, independent of the folder.
- IQA folders are special: Certain folders within the Document System are exposed through the IQA task list item in Customers, Events, Billing, Fundraising, and Orders. These folders and all sub-folders that they contain behave differently when viewed from the IQA task list item:
- You can create only queries in these folders even if the folder is defined to allow any type of definition object. Only members of the SysAdmin role who edit these folders from Tools > Document System can create the other types of allowable objects.
- If any user modifies the folder definition to disallow the creation of Query objects, the folder and all of its contents become invisible from within an IQA task list item. Only members of the SysAdmin role who are viewing the entire Document System via Tools > Document System are subsequently able to see the folder.
To define security access for a folder
- In the Document System, select a folder and click the Edit toolbar command.
- In the Only allow certain types of objects in the folder? area, specify the objects to be allowed in the folder.
- For the Access Settings, select Private or else select Use a preconfigured security set and select a set from the list, if any apply.
- If you need custom access settings, enable Make this available to and complete the panel.
- For Specific Roles, select the checkbox for each system-defined role that should have access to the folder. For each role, you can click the Edit icon next to the role name to define the specific privileges for that role.
- For Specific Groups and Specific Users areas, add the groups and users that should have access to this folder, and click the Edit icon next to each entry to define the specific privileges for that entry.
- At the bottom of the folder security definition window, click Save to commit the changes.
Multi-select object types from the list by holding Shift or Ctrl while clicking items in the list.
For best performance, use Preconfigured security sets.