Restrict access to documents in private folders
I would like to obtain some advice on restricting the documents in our users’ private EDMS folders.
In our system currently, any user is able to search for a document in EDMS and display that document if the user has access to the correct document type and document status. This is allowed even if the document sits in another user’s private folder.
Is there any way to restrict access to all documents in the private folders so that only the owner of the private folder can access the documents contained in the folder, regardless of document type or status?
We do not use ACLs. Is it possible to put this restriction in place with standard auth objects only and without the need for each user to protect their private folder and documents with an auth group?
Would appreciate any advice on this.
Christoph Hopf replied
From an EasyDMS point of view, I think that creating one ACL ADMIN permission for the owner of the private folder would be the best option. As soon as you create the ADMIN permission, other users cannot access these documents any further. If necessary, the owner can add other users to specific documents or subfolders to enable collaboration.
Without using ACLs, I think it would be necessary to implement some individual checking routine by using BADIs like DOCUMENT_AUTH01 to restrict access to other users.