Documents permissions - General concepts

Modified on Thu, 22 Dec, 2022 at 10:52 AM

AGIR offers you multiple options and functions that allow you to manage access to your documents in a controlled and safe way. By using one or some of the options described down below, you'll have the possibility of publishing the right document to the right user.


This article is very important :)

Understanding the permission system ensures the effective implementation of your AGIR.


There are six permission levels:


1. AGIR Administrator - Total access (reader, property editor, deleting, changing status, etc...) 

2. Workflow Administrator - Total access (reader, property editor, deleting, change status, etc...)

3. Reader - Consult/reader access.

4. Task/workflow step owner (editor, approver, etc...) - Writer access (reader, properties editor, task owner, etc...)

5. Folder reader - Reader access.

6. Subscriber - Reader access.


Below, I've included for you every explanation about all those mechanisms, what's their utility, and how to set up each one of them. 


1. AGIR Administrator

AGIR Administrators have access to all documents in AGIR. Besides, they can edit its properties, change its status, delegate tasks, approve, delete documents, etc...


They assume the traditional administrator role for all workflows and document management.


AGIR administrators don't have permission to edit or approve documents (take part in workflow steps). For that, they need the Task Owner's permission.


To create a new workflow administrator, please read this tutorial: Setting General Permissions - Administrator, Staff Manager, and Equipment Manager.



2. Workflow Administrator

You may have special users that aren't AGIR Administrators but are administrators of a specific workflow.


Workflow Administrators have access to all documents of a specific workflow. Besides, they can edit document properties, change the status, delegate tasks, delete documents, etc... 


Workflow Administrators don't have permission to edit or approve documents (carry out workflow steps). For that, they need the Task Owner's permission. 


To create a new Workflow Administrator, read this tutorial: Configuring document workflows' permissions - Workflow steps, Administrators and readers



3. Reader

You may have other users that aren't administrators but have Reader access to all documents of that specific workflow. They don't need access to folders or be notified to have access to the documents.


This level of access can be useful to, for example, Top Management, which should be able to read all of the documentation.


There are cases where you want all users in your organization to have access to all the documentation. 

In that specific cases, the simpler way is to give Reader permissions to all your users.


This access grants reading rights only. The users will not be able to edit documents or their properties. To create a new workflow Reader, check this tutorial: Configuring document workflows' permissions - Workflow steps, Administrators and readers.



4. Task/workflow step owner

These users intervene in the edition, verification, and approval of the documents (workflow steps). Workflows are composed of steps and each one will have its owner.


These task owners take the workflow task (eg.: edition or approval) and, automatically, get reader permission, edition of properties, and execution of their tasks/step.


As the task owners execute their tasks, they become document readers.


To give users the task owner permission, follow the steps in this tutorial: Configuring document workflows' permissions - Workflow steps, Administrators and readers


 ATTENTION  A task owner will not have access to all the workflow documents. They will only will have automatic access to the documents in which they've participated.



5. Folder reader 

An efficient way of managing access to documents and organizing it by themes is by creating folders.


You can create folders and subfolders freely. Each folder can have accessed by different groups of users, and each document can be added to multiple folders.


This way, you have total freedom to define access to the documents. Each user will have Reader access to all of the documents added in the folders, to which he is subscribed.


We recommend this option to large organizations with many users, for more complex document management systems, or when there are confidential documents with restricted access.


For more information concerning how to manage folders permissions, read this article: Documents folders - How to create and set permissions



6. Notification - access to documents through manual notification

It's possible to create additional access through the Notification' system. The users who are notified, receive an email and a link to the document. This user has Reader permissions, meaning, he can't edit the document or its properties.


This system may also be useful in addition to the previous ones. For example: do you wish to notify a special user who doesn't have access to the documents folders or any other access described above? In that case, simply make a manual notification to create this extra access.


For more information on managing permissions through the notification system, read this article: Notification- Why is it helpful and how does it work?


If you need any help or intend to know who has access to a document and why, consult the access list, as shown in the image below:



 TIP  In your organization, should all users have access to all documents? If that's the case, activate the Reader permission to all users. Does your organization has many users and it's necessary to securely differentiate access? In this case, activate the folder permission. Then, use the manual notification to manage exceptions.


 ATTENTION  The access levels are cumulative. A user can have permission on the document based on one or several access modes described above.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article