Discover how folder sharing works through folder permissions, and grant only the correct roles access to your data
Now that you have decided to organize your data with folders, you may wish to learn more about folder sharing. In this topic, you’ll learn about folder sharing on a conceptual level, but you will also discover how to apply it in practice.
- You know what folders are
- You understand folder privacy settings and folder sharing
- You have one or many private folders from which you would like to control their data access.
Read more about:
When you create a private folder, you are expected to assign one or more roles to it. The roles you decide on will have the ability to operate on the contents within the folder. Meaning that your chosen roles can either add, view, edit, or delete data, depending on their permissions. We call this role authorization.
You can check on what your roles can do by viewing their permissions. Look for these permissions specifically as they determine CRUD (create, read, update, delete) operations:
By double-checking the permissions of your assigned roles, you avoid giving more access and authorization than which you intend.
If necessary, you may want to create a new role specifically for handling the data within your designated folder. For example, if you store generated patient data that should not be modified, you shouldn’t let your generic ‘data writer/reader’ role operate on this folder. So, you may decide to create a ‘Patient data reader’ role instead.
You can either assign folder permissions while creating your folders or while you edit them. The process is similar. However, when editing folders, do bear in mind how changing permissions could lock active systems out – halting processes within your organization and causing critical downtime.
For starters, make sure you are signed into a user with the folders.create or folders.update permission. You can have both or one, depending on whether or not you want to create a new private folder or edit an existing one.
Use your default admin user if you have not set up roles and permissions yet.
Proceed by creating a folder, as is shown in the creating a folder topic. However, as you follow those instructions, check the ‘private folder’ checkbox.
Additionally, you now want to include the roles to which you wish to grant folder access.
Continue as usual, and press the ‘create folder’ button. If you are editing an existing folder, then press ‘save’ instead.
Well done. You have now successfully created or edited your private folder its roles. Only those roles are granted data access and authorization.
If you want to read more about role authorization and permissions, refer to this topic:
- Overview of roles and permissions (coming soon)
Typically, you would unshare a folder by editing your existing private folder. However, you could also delete the folder to remove all data and access. But, because deleting a folder is a somewhat drastic measure, we recommend you unshare by editing your folder instead.
When editing folders, you need the folders.update permission.
Follow these steps:
- Determine which role you want to remove from your private folder
- Select the roles you want to remove and press the left arrow in the edit folder form
- Save your changes
Note: A private folder must have at least one role assigned to it. If you have no roles for this folder, consider giving only your admin access.
Updated 20 days ago