Access to a Cabinet is granted through one or more internal or external User Groups as setup by the Repository Administrator. A Repository Administrator adds internal or external users and assigns each to one or more User Groups. Cabinet Administrators assign User Groups to the cabinet and, when given rights by the Repository Administrator, can also create cabinet level external groups and add external users to those groups. A Cabinet Administrator cannot add Internal users.
Cabinet Membership List (Cabinet Default Access)
Rights can be given to individual users only through a User Group. In other words, if a single Internal User needs access to the cabinet with specific default rights, he or she will need to be assigned to a User Group by the Repository Administrator. If an external person is to be given rights to a cabinet, an external group has to be created with that user as a member.
To add a group to a cabinet, select "Display All Groups" then click "Add" to add the group you want. You can then select the desired level of access for that group.
There are six levels of security in a Cabinet:
View, Edit, Share, Administer (VESA) A group with VESA rights can view, edit, share, and delete documents and other items in the Cabinet. By default, unless your cabinet is using profile-based security or folder rights inheritance, any document or item added to the cabinet can be seen, edited and deleted by a User Group member with VESA rights.
If a group has VESA rights on the cabinet default access, a user needs A (administer) rights to apply the cabinet default access list to a document or folder, because they are giving those users A rights.
View, Edit, Share (VES) A group with VES rights can view, edit, and share documents and items in the cabinet, but cannot delete documents. By default, unless your cabinet is using profile-based security or folder rights inheritance, any document or item added to the cabinet by others can be seen, edited and shared by a User Group member with VES rights.
View, Edit (VE) A group with VE rights can view and edit documents or items in the cabinet, but cannot share or delete documents or items added by others. By default, unless your cabinet is using profile-based security or folder rights inheritance, any document or item added to the cabinet by others can be seen and edited by a User Group member with VE rights.
NOTE: If a user has VE rights to a folder, it means that the user can Add documents to the folder.
View, Share (VS) A group with VS rights can view and share documents and other items in the cabinet, but cannot edit or delete documents. By default, unless your cabinet is using profile-based security or folder rights inheritance, any document or item added to the cabinet can be viewed and shared by a User Group member with VS rights.
View (V) A group with V rights can View documents or other items in the cabinet. By default, unless your cabinet is using profile-based security or folder rights inheritance, any document or item added to the cabinet by others can be viewed by a User Group member with V rights.
NOTE: If a user has V rights to a Folder, it means that the user cannot add documents into the folder.
No Default Access A group with No Default Access will have access to the cabinet and a user in that group can add documents and other items to the cabinet, unless your cabinet is using profile-based security or folder rights inheritance. The user or group will not see any documents or other items such as folders created by others unless they have been given explicit rights to them. By default, this is the access given to an External Group and is the recommended access setting for external groups when using workspaces.
Multi-document Edit Profile setting – You can also restrict the usage of the multi-document Profile Edit option for multiple documents to a specific User Group if you choose. It defaults to "Internal Users" group. A User Group can be defined just for this specific purpose if you choose. Only one group at a time may be enabled to use this feature.
External User Access
Creating cabinet-level users and groups
If you have been given rights by the Repository Administrator, you can create cabinet-level External Groups and associated External Users. If you have rights to do this, you will see the "Create Group" link:
After adding the group, you can add whatever external users you want as members of the group and assign them the desired rights to the cabinet. For your information, groups that you create for the cabinet do not show up as groups in the Repository Administration page. External users that you create and add to those groups do show up as External Users in the Repository Administration page. If you remove the cabinet-level group from the cabinet, the group is automatically deleted as well as the external users who belonged to that group are removed.
Allow External Users to create documents
All users who have access to a cabinet, have the right and ability to add documents to the cabinet. Even if you have given a group "No Default Access" to the cabinet or View-Only rights to the cabinet, members of that group can still add documents to the cabinet.
If you leave the box shown above unchecked, then External Users will NOT be able to create documents in the cabinet regardless of what default rights they have been given to the cabinet.
External members are allowed to use the Email Link option
If this box is checked, external users are allowed to use the email link option, enabling them to send a document link to any user listed in the access list.
ShareSpace Security Features
Cabinet Administrators have the option to allow ShareSpace users to access their ShareSpaces without passwords. This means the ShareSpace user just receives a link that is not password protected. If this option is not enabled, all ShareSpace users will be required to have a username and password.
An Administrator can designate an email address to receive email notifications whenever a user other than a member of the cabinet is added to a ShareSpace within the cabinet. No message will be sent if this field is left empty:
Secure Document Delivery settings
Cabinet Administrators can enable the Secure Document delivery feature by checking the box for "Enable the creation of secured links."
By checking the box for "Do not allow secured links to be copied or sent via desktop email integration" administrators can restrict users' ability to copy the link from the dialog box. This requires them to send the link in an email from the dialog.
Checking the box for "Only allow cabinet administrators to revoke secured links" allows only cabinet administrators to revoke any existing links to a document. Links are revoked on a per-version basis. Revoking links to a version will "lock" the version from being shared via a secure link and will disable all existing links created previously. By unchecking the box, anyone with "A" (Administrator) rights to the document can revoke links.
Administrators can require all secured links to require a password.
Administrators can also disable the 'allow documents to be downloaded' by default.
If enabled, administrators can also determine the maximum expiration date for secure links. If this field is left blank, there will be no maximum limit for expiration dates. If a limit is entered, end-users must enter an expiration date that falls within that range when sending a secure link.
There is also an option to add a BCC email address to all document links and copies emailed from the cabinet.
Designating Cabinet Administrators
A cabinet must have at least one Administrator but you can designate as many Administrators as you like. We recommend at least two Cabinet Administrators per cabinet. A Repository Administrator is not necessarily a Cabinet Administrator. You can also designate users that are not Repository Administrators as Cabinet Administrators. Some firms may need to do this so that these users can administer the cabinet access, particularly if the cabinet is client-specific. Learn about Cabinet Administrators and other administrative options.