KnowledgeTree Overview > Permissions Overview | KnowledgeTree Document Management Software

The KnowledgeTree repository is secured through KnowledgeTree's Permissions mechanism.

KnowledgeTree includes a set of default permissions, and allows you to configure additional, custom permissions, which are useful where an additional permissions set is required for plugins.

Users are only allowed to perform actions in the system where they have the appropriate permission on the document or folder. This includes the ability to 'view' the folder or document in the folder structure.

Permission	description
Read	Allows the user to view a document and its metadata. The Search and Browse functions do not list a document in search results, or in the folder view, to users who do not have the 'read' permission on the document.
Write	Allows the user to change the content of a document and its metadata, to perform the check out / check-in action, and to create new documents in folders where they have the 'write' permission.
Add Folder	Allows the user to create and edit folders where they have this permission on the parent folder.
Manage Security	Allows the user to configure and edit security options on the folder and on its' content, including edit permission and role allocations.
Delete	Allows the user to delete any file or folder where they have this permission on the parent folder. Note: The Administrative user won't be able to delete immutable documents using the Delete button in Browse Documents, even when they're working in Administrator mode. Immutable documents can only be deleted when using the Delete action from the immutable document's Document Detail page. This ensures that immutable documents are only deleted one at a time, and avoids the mistaken deletion of an immutable document in a mass action delete.
Manage Workflow	Allows the user to change the workflow settings on a document (e.g. perform a transition).
Folder Details	Allows the user to see the name of the folder, the transaction history, and other details linked to the folder name, but they only see the contents of the folders where they have the read permission.
Rename Folder	Allows the user to rename the folder.

The system administrator uses the Security Management link on the Administration menu in DMS Administration to create new permissions, or to delete permissions. Non-administrative users use the Permissions link on the Folder Actions menu in Browse Documents to view permissions set up for specific folders.

Note: KnowledgeTree uses document permissions, whereas file permissions are an operating system construct. File permissions define which files the operating system users are allowed to access on the file-system. File permissions do not map to document permissions within KnowledgeTree - there is no relation between these two concepts.

Permission assigned on this level ...	description
Folder Permissions	Assigned to the creator of a folder, and to the KnowledgeTree administrator Permissions that have been granted to the parent folder are applied by default to the sub folders and documents in the parent folder. When a new folder is created, it will always default to the permissions of its parent folder. Any changes to the permissions of the parent folder are passed down to the sub folders. Users can override the parent permissions, but when changes are made to the permissions of the parent folder, those changes are no longer passed down to the sub folder. The parent permissions can also be re-applied at any time, and this will override the custom permissions that may exist for the sub folder.
Role Permissions	Permissions may be assigned to the Role - e.g. developer. Groups are then added to the Role to allocate permissions of the Role to one or more groups. Role permissions are useful for workflows, because workflows are typically created for the role, and not for the group.
Group Permissions	Folder permissions are granted by group.