Thycotic Community Forum

8/17/2010 6:35:59 AM Ryan P Posts: 4	I would like to request that the "Require View Permission on Specific Folder for Visibility" setting be added or perhaps moved from general configuration to role configuration. With this setting we would allow the administrative roles to see the overall structure while limiting the visibility of the user roles to their respective folders. In addition it would be nice to be able to further manage folder structure without having the view permission. Thanks, Ryan P.
	0 • link
8/17/2010 7:18:11 AM Ryan P Posts: 4	To elaborate further on the additional folder management, I would like the administrative role to be able to create sub folders on a folder for which they have no view permissions. These folders should inherit the permissions of the parent folder. Thanks, Ryan P.
	0 • link
8/24/2010 5:50:57 AM Tucker Posts: 87	Hello Ryan, The ability to split out the 'Require View Permission on Specific Folder for Visibility' by Role would be a useful feature. I see how allowing Administrators to manage folders and Users not see them as a benefit. I will add your description to our Feature Request list. To clarify when you say the administrators can see folders, would they be able to see Secrets in those folders or only the folders themselves? In the current system, you could Enable Unlimited Administration Mode that would allow the administrators to see all folders regardless of View Permission. The issue is then the Administrators will have access to all Secrets as well. -- Regards, Tucker
	0 • link
8/24/2010 6:15:45 AM Ryan P Posts: 4	Tucker, Thank you for the reply. The request would be for folder (structure) view and creation permissions only. This would allow an Administrator to see the overall structure while not necessarily seeing the secrets unless they have the view permissions for that folder already. The creation would allow the administrator to then create folders where he/she does not have view permissions. These folders would inherit the permissions of the parent folder. Another suggestion would be to allow users to do the same. That is to create folders that inherit parent permissions only. The issue is a user with the folder administration role is able to change the permissions at their root folder, or anywhere else they have view rights. breaking their access and others in the process. Thanks, Ryan P.
	0 • link
8/24/2010 7:30:38 AM Ryan P Posts: 4	Correction: Anywhere the user has ownership rights, which they would need for this role. "The issue is a user with the folder administration role is able to change the permissions at their root folder, or anywhere else they have view rights. breaking their access and others in the process." Ryan P.
	0 • link

---