Skip to content
English
More support Customer portal
Home
  • There are no suggestions because the search field is empty.

Setting Document-Level Permissions

In Essal Office, access to documents is controlled at two levels: globally (what a user can do in general) and per document (what a user can do to a specific document). Document-level permissions let you grant or restrict access to individual documents beyond what the user's global role allows.

Why Document-Level Permissions

Global roles determine what a user can do across the whole system. But you may have documents that should be visible to only a specific subset of users — for example:

  • HR documents that only the HR team should see
  • A confidential contract only executives can access
  • Finance documents restricted to the Finance group

Document-level permissions let you handle these cases precisely.

Permission Types per Document

Each document can have the following permissions granted to specific users or groups:

  • Permission: **View**
  • What it allows: See the document in search and list results; open and read it


  • Permission: **Change**
  • What it allows: Edit the document's metadata


  • Permission: **Delete**
  • What it allows: Move the document to trash


  • Permission: **Share**
  • What it allows: Create and manage share links for this document

Setting Permissions on a Document

  1. Open the document
  2. Click the Permissions icon or tab in the document toolbar or metadata panel
  3. In the permissions section:
  4. Under Users, search for and add specific users, then select which permissions to grant
  5. Under Groups, search for and add groups, then select which permissions to grant
  6. Save changes

The Document Owner

The document owner always has full access. Ownership and permissions are independent — changing permissions does not affect the owner relationship. See Changing Document Ownership for changing who owns a document.

Admin Override

Users with the Admin global role can access and edit all documents regardless of document-level permissions. Document-level permissions apply to non-admin users only.

Inheriting Permissions Through Groups

The most efficient way to manage permissions at scale is through groups. Create a group for each team (e.g. Finance, HR, Legal), add users to the appropriate groups, then grant document or tag-level permissions to those groups. Adding a new employee to a group immediately gives them access to all documents the group can see.

See Managing Groups for group setup.

Default Access for New Documents

New documents are visible only to their owner and to admins by default. Other users can only see a document if: - They are granted explicit view permission on that document - They belong to a group with view permission - A global setting grants view access more broadly (admin-configured)