Common Permission Scenarios
Managing permissions can feel complex at first. These practical scenarios show how to configure access for the most common real-world situations.
Scenario 1: Everyone Sees Everything
Context: A small team of 3–10 people, no sensitive interdepartmental data.
Setup:
- Global default visibility: All users
- No document-level permissions needed
- All users are regular users; 1–2 are admins
Result: Every user can see all documents the moment they are uploaded. No permission management overhead.
Scenario 2: Department Isolation
Context: Multiple departments where Finance, HR, and Legal should not see each other's documents.
Setup:
- Global default visibility: Owner only
- Create groups: Finance Team, HR Team, Legal Team
- Add users to their respective groups
- Create workflows that auto-grant view + change permissions to the appropriate group based on document type:
  - On Invoice or Receipt → grant Finance Team
  - On HR document → grant HR Team
  - On Contract or Legal → grant Legal Team
Result: Documents are private by default. Each department's documents are automatically visible to the right group. Admins see everything.
Scenario 3: Finance Team Lead with Full Edit Access
Context: Finance team members can view but not edit documents. The Finance Team Lead needs full edit access.
Setup:
- Grant Finance Team group: View permission on finance documents
- Grant Finance Lead group (or individual user): View + Change permission on the same documents
Result: Finance staff see and download documents but cannot change metadata. The lead can edit.
Scenario 4: Temporary Auditor Access
Context: An external auditor needs to review a specific set of documents for 2 weeks.
Setup options:
- Option A (no account): Generate share links for each relevant document. Revoke them after the audit.
- Option B (temporary account): Create a user account for the auditor, grant View permission on the relevant documents or a group, set account to inactive after the audit period.
Option B is better if the auditor needs to access many documents. Option A is simpler for just a few.
Scenario 5: Onboarding a New Employee
Context: A new Finance staff member joins.
Steps:
1. Create their user account
2. Add them to the Finance Team group
3. They immediately inherit all permissions that group already has; no further configuration needed
Result: Onboarding is one step for the admin. The new user has the right access from day one.
Scenario 6: Shared Read-Only View for Management
Context: Managers should be able to see all documents but not edit them.
Setup:
- Create a Management group
- Global default visibility: Owner only (or grant through documents/workflows)
- Workflows auto-grant View permission to Management group for all new documents
Result: Management sees everything; cannot accidentally edit documents.
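
The combined effect of Scenarios 2, 3 and 6 can be checked with a small model of effective permissions. This is an added example, not the product's own code or API: the group names come from the scenarios above, while the rule table, the functions and the assumption that admins and owners hold both View and Change are made up for illustration.

```python
from dataclasses import dataclass, field

# Constructed rule table (hypothetical): document type -> {group: granted permissions}.
# Finance follows Scenario 3 (team views, lead edits); HR and Legal follow Scenario 2.
WORKFLOW_RULES = {
    "Invoice":     {"Finance Team": {"view"}, "Finance Lead": {"view", "change"}},
    "Receipt":     {"Finance Team": {"view"}, "Finance Lead": {"view", "change"}},
    "HR document": {"HR Team": {"view", "change"}},
    "Contract":    {"Legal Team": {"view", "change"}},
}
EVERY_DOCUMENT = {"Management": {"view"}}          # Scenario 6: read-only for managers
DEPT_GROUPS = set().union(*WORKFLOW_RULES.values())  # all department group names

@dataclass
class User:
    name: str
    groups: frozenset = frozenset()
    is_admin: bool = False

@dataclass
class Document:
    doc_type: str
    owner: str
    grants: dict = field(default_factory=dict)     # group -> set of permissions

def upload(doc_type, owner):
    """Create a document and apply the auto-grant rules, as a workflow would."""
    doc = Document(doc_type, owner)
    for rules in (WORKFLOW_RULES.get(doc_type, {}), EVERY_DOCUMENT):
        for group, perms in rules.items():
            doc.grants.setdefault(group, set()).update(perms)
    return doc

def effective_permissions(user, doc):
    """Union of the grants of every group the user is in."""
    if user.is_admin or user.name == doc.owner:    # assumption: full rights
        return {"view", "change"}
    perms = set()
    for group in user.groups:
        perms |= doc.grants.get(group, set())
    return perms                                   # empty: default is "Owner only"

def isolation_findings(users, docs):
    """Department members who can view a type their own department groups do not cover."""
    return [(u.name, d.doc_type) for u in users for d in docs
            if not u.is_admin and u.name != d.owner and u.groups & DEPT_GROUPS
            and not u.groups & set(WORKFLOW_RULES.get(d.doc_type, {}))
            and "view" in effective_permissions(u, d)]
```

Because group grants add up, a Finance Team member who is also placed in Management shows up in `isolation_findings` for HR and Legal documents, which is the overlap worth reviewing before combining Scenario 2 with Scenario 6.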