You are here: Home / Documentation / How To's / How to avoid permission confusion

How to avoid permission confusion

by nguyen — published Sep 24, 2009 12:42 PM, last modified Aug 16, 2016 10:50 AM
You thought you'd set up Sharing permissions on a folder for a small group, but people not in the group are still able to see the folder. Why is this happening?

Let's say you just created a folder called "tenure/renewal", and, using its Sharing tab, you granted Can Add and Can Edit to a group called "Tenure/Renewal".  You made sure to uncheck the box "Inherit permissions from higher levels".

 sharing tab

However you find out that someone who isn't in the Tenure/Renewal group is still able to view your intranet folder.  How is this possible?

Check your "prefs_group_overview" page (you can get there by appending "/prefs_groups_overview" to your site's URL, or you can click on Site Setup -> Users and Groups then click the Groups tab).


If the person in question is a member of another group (in this case, the person was a member of the History Department group), your problem may be that the group(s) he/she is a member of has been granted roles.  The roles granted to groups on this page are global to the site, and those global roles cannot be "barred" by unchecking the Sharing tab's "Inherit permissions from higher levels" checkbox.

The solution is to either remove the person from those other groups, or, if possible, remove the global roles from those other groups (but be sure to leave the Administrators group with the Manager global role!).