Security in Docuo is configured at a basic level by assigning permissions for users and collaborators in folders and categories.
However, there is a third way to add restrictions that is very versatile to further enhance security. The Control step of the category wizard allows you to set rules to control who can change the status of a document, who can view it, or who can modify it, depending on whether a certain condition is met. Each control can be assigned to a number of users or groups of Docuo to which it applies.
The control should be understood as a last barrier, which is applied after all Docuo permission security, and which ultimately determines whether or not the user can perform a certain action.
Two types of access can be configured in the control:
- “Check that only”. This means that the control will only grant access to the users specified by this “barrier”. The rest will not be able to pass.
- “Prevent that”. Means that the control will deny access to the users specified by this “barrier”. The rest will be allowed to pass.
The actions that can be controlled are:
- Controlling the progress through a transition.
- Control the undo of a transition (New).
- View the documents in a state.
- Modify the documents in a state.
- View documents that meet a condition.
Modify documents that meet a condition.
There are two types of advanced conditions that allow you to specify a condition: View and Modify. Conditions allow you to enter a T-SQL conditional formula so that control occurs based on each document’s own metadata depending on whether or not the formula is met.
For example, if we want a certain group of users not to be able to see the documents that are of “Confidential” type , we could establish a control such as:
The condition would be a filter, of the same type that we can configure in the fields drop-down list to another category where we specify in T-SQL language the conditions of the filter:
Thus, when the users belonging to the “EXTERNAL – Clients” group accesses a folder, the category itself or a consultation, they will not be able to see the documents of this category whose type is “Confidential”.