Who sees what? You can decide.
Permissions allow individual users, types of users, and groups to do certain things with your items, such as read, write, or remove. Use permissions to control who can see and change your files and folders. Similarly, your instructor may use permissions to control the content that students or other course participants can see and edit.
After content is added to the Content Collection, permissions must be granted to make the content accessible to users and groups of users. Permissions allow users to perform certain actions on items in the Content Collection, ranging from read only access, to editing, managing and removing content. You can configure permissions for individual files or for entire folders and all of the folder contents. Permissions may behave in combination so it is important to understand what each level of access means.
If you link to your items outside of the Content Collection, be sure to grant permission to the appropriate users so the links work. Without permission to view the item, a user will see an Access Denied message if they follow a link to the item in a course or portfolio.
The following permissions are available within the Content Collection:
- Read: Users have the ability to view files or folders.
- Write: Users have the ability to make changes to files and folders.
- Remove: Users have the ability to remove files from the folder or the folder itself.
- Manage: Users have ability to control the properties and settings of files and folders.
When a user searches for files or folders, or attempts to manipulate files or folders (for example, using copy, move or remove), the user will only be able to view and alter content based on the existing permissions. For example, if a user searches for an item to which he or she does not have Read permission, the item will not appear in the Search Results.
Some users have default permissions to specific folders. In this case, various permissions are automatically granted to specific folders.
- User folders: These folders appear under My Content in the Content Collection menu. A user has Read, Write, Remove, and Manage permissions for his or her user folder. The Administrator determines the availability of these folders on a system-wide basis.
- Course folders: These folders appear under the Courses area on the Content Collection menu and are used to store content for specific courses. Instructors, Teaching Assistants, and Course Builders have Read, Write, Remove, and Manage permissions for the folders for their courses. The course folder is automatically created the first time one of these users accesses the Content Collection. Other course users (such as students) who are enrolled in a course do not see this folder because it is intended to be a workspace for course developers. Students must have read permissions to access a course folder. Organization user folders function in the same way as course folders.
- Institution and Library Content folders: All users with system accounts have read permission to these folders.
- Course folders within eReserves: All users enrolled in a course have read permissions to the specific course folder in eReserves.
Any user with Read and Manage permission on a file or folder may grant permissions to other users and user lists.
Users and groups of users may be granted one or more permissions. For example, Read permission for an item may be granted to an entire course list. The owner may grant additional permissions to single users within the course list. Permissions may be edited for subfolders and files within a folder.
User access to a file or folder is controlled through the Manage Permissions page. You can grant permissions for users individually, in groups, or by role.
When permissions are granted on a folder, they apply to all subfolders and files within the folder.
It is helpful if users organize folders in a way that allows them to manage permissions by folder, rather than by file. For example, create a folder that contains all files used in a group project. This way the entire folder may be shared with the group members, rather than trying to manage permissions on separate items stored in different folders.
Only read permission should be added to a top-level folder, for example the username folder. Any time a permission is added or changed on the top-level folder, check any subfolders or files designated as private and verify that additional permissions have not inadvertently been added that would expose protected information.
When adding folders and files to the Content Collection, keep in mind which users and user lists the content will be shared with. Try to create folders in which all items are to be shared with the same users. When items shared with the same users are spread out among different folders, it may become very difficult to manage. For example, if the user plans on creating documents that will be applicable to all users at the Institution, they should create a folder that will be shared with all system users, then add the specific items to this folder.
Files are automatically available to the user that added the file but must be shared if other users are to view the item.
Files inherit permissions from the folder they reside in. This means that if a file is added to a folder that already has read and write permission for certain users or user lists, the those same users will also have read and write permission on the newly added file.
When editing or adding permissions to a parent folder, users have the option to force all files and subfolders to inherit these permissions. For example, if the read and write permissions are added to the folder, and an item within the folder has read, write, and remove permissions, remove permissions are removed from the file. All subfolders and files within the parent folder would be granted read and write permissions.
If this option is not selected, the files and subfolders are automatically granted any additional permission given to the parent folder, but existing permissions are not removed. For example, if read, write and manage permissions are added to the folder, and an item within the folder has read, write, and remove permissions, the permissions for the file would remain read, write, and remove, and manage would be added.
After editing permissions on a folder, the user may edit the permissions on an item, but these will be overwritten the next time permissions on the parent folder are changed. This is one reason storing items with the same purpose and audience in a single folder makes managing permissions much easier.