There are three different access levels for a document revision. They are:
The operations allowed for each access level are listed below.
Possible Operations/Access | View | Edit | Administrator |
View | X | X | X |
Edit | X | X | |
Check In | X | X | |
X | X | X | |
Undo Check Out | X | X | |
Status Changes | X | ||
Create New Revision | X | X | |
Create New Sheet | X | X | |
Delete Document File | X | X | |
Delete Document | X | ||
Set As Template | X | X | X |
Document Distribution | X | X | X |
Define Approval Routing | X | ||
Define Document Access | X |
Access is defined per document revision for persons, groups and objects and each access line can be enabled and disabled when necessary.
When the asterisk (*) is given as the person ID it is used to represent persons that are not explicitly defined with regard to access rights. These persons will get administrator, edit or view access according to the rights given to the row containing the asterisk.
The highest priority is given to person access, next to group access and finally to object access. For example, if a person ID is defined and given view access and the same person belongs to a group which has edit access, he or she will only get view access.
Since person access has the highest priority, you can also use this when denying someone access. If you want to make sure that someone does not get access to a document revision you can add a person access record for that person and then clear the View Access, Edit Access and Admin Access check boxes, but make sure that the record is enabled. Even if this person gets access to the document revision through a group or object, the person access record will have the highest priority and the result will be that the person will not have access to the document revision.
When the person ID is given as *, the lowest priority is given to the persons represented by it. In addition, if a specific person is given access to the document through an object or a group, or is listed as an individual in the access definition, the priority will apply as defined above.
Object access records cannot be manually added to or deleted from the Document Revision/Access/Definition tab. These lines will be added/deleted automatically as objects are connected to or disconnected from the document. However, the maximum available document access derived from the object will be set from the Definition tab.
If a person only receives his or her access through two different objects, then he or she will get the maximum defined access, i.e., if the person has view access through one object and administrator access through the other, the person will receive administrator access to the document.
The following table shows the access that the user will receive when he or she receives different types of access through the document and the object.
View Access (through Object) | Edit Access (through Object) | Admin Access (through Object) | |
View Access (through Document) | View Access | View Access | View Access |
Edit Access (through Document) | View Access | Edit Access | Edit Access |
Admin Access (through Document) | View Access | Edit Access | Admin Access |
The enabled setting makes it possible to prepare a document by adding access lines and enabling them when releasing the document. When releasing more than one document at once, access can be kept on each document as it is, all enabled lines can be disabled, or you can choose to edit access.
When working with documents, users are given roles which determine their document access levels. Some of those roles are described below.