Understanding file and folder privileges
The administrator provides access to files and folders by assigning privileges to users and user groups. Privileges determine what volume content a user can use. Additionally, when a user schedules a file job, the user can specify privileges on the job to share the job with specific users or user groups.
Working with folder privileges
Table 2‑5 describes the access privileges that the volume supports for a folder.
Table 2‑5 Folder privileges
Read or visible
A user can see the folder.
A user can create, change, and rename the folder.
A user can delete the folder.
A user can change privileges on the folder.
Privileges for volume folders differ from privileges for folders in other file systems, such as Windows and Linux, in the following ways:
*Read privilege on a folder does not extend read privileges to items in the folder.
*Write privilege on a folder does not include read or delete privilege.
*Grant privilege is separate from write privilege.
Working with file privileges
Table 2‑6 describes the privileges Information Console supports for a file.
Table 2‑6 File privileges
A user can delete the file.
A user can change privileges on the file.
A user can open and download the file.
A user can execute a file if the user has both execute and one of the following privileges on the file:
*Secure read
A user has all privileges on a document the user creates.
Secure read
Restricts viewing of a document to HTML format and prohibits downloading. Typically, the volume administrator assigns Secure read privilege to a user accessing BIRT documents with the BIRT Page Level Security option. As an example, a developer creates a design that uses the BIRT Page Level Security option. The volume administrator assigns a user secure read privilege on the document. The user’s ID determines what parts of a document generated from a BIRT design using BIRT Page Level Security the user can view.
Read privilege overrides the secure read privilege. If a user has both read and secure read privileges on a document, the user can view and download the entire document.
Trusted execute
Permits users to execute an information object without having execute privilege for an information object’s underlying data sources. This privilege applies only to Actuate information object (.iob) files and data source map (.sma) files. Only a user with administrator privileges can grant the trusted execute privilege.
A user can see a file in the Files and Folders list, but not open it.