Utopia Articles of Permissions (2020)

Utopia Articles of Permissions

This file is to explain the over-arching permissions strategy

Node Permissions

Every node inherits it's permission set from it's parent by default.
a. A node's permission set consists of accumulating all permissions on and above the given node.

b. The permission set requires that the roles be unique. (One permission per role in the permission set collection)

c. In the case that more than one permission per role is found, (e.g. group has a permission on the cabinet and a different permission on the drawer) the closest permission is taken for evaluation.
Only member/personal roles can have the override/enforce permission.
The Override/Enforce permission, when checked on a member/personal role, results in all other permissions being ignored for evaluation.

a. If multiple permissions are found with override checked, the nearest permission is choosen for evaluation.
Pushdown is an action offered when a permission is added, updated, or removed.

a. When taken, it removes all permissions on descendants that have a matching role.

System Permissions

These are permissions for a specific role to access certain system features. (e.g. workflow, manage users, recycle bin, etc.)
A particular users' total system permission set consists of any system permissions assigned to their personal role, or any roles they are a member of.

Non-Inheritable (Only this item) Behavior

Expected behavior for various parent folder with inheritable permission and a sub folder w/ non-inheritance(Only this item) relationships.

Vocabulary:
Parent = Parent with inheritable permissions
Child = Child with NotInerhitable(Only this item) permission
RWD = Permissions (Read/Write/Delete)

Behaviors:
E = Edit/Rename Child
D = Delete Child

V = View Children of Child
C = Create folder or Upload File into Child
L = Delete children of Child

	No Parent Permissions	Parent-R	Parent-RW	Parent-RWD
Child-R		V	VC	VCL
Child-RW	E	EV	EVC	EVCL
Child-RWD	ED	EDV	EDVC	EDVCL