Please login or register to participate.
tamnhuthuy Feb 22, 2011 01:18 PM
Problem with sharing sub-space privilege
Replies (3)
tamnhuthuy Feb 22, 2011 01:27 PM
Can anyone give me some help on this Problem of sharing sub-space privilege.
The case is like this:
- There are 3 group of user: G1, G2, G3
- There are some spaces of of them is S1.
- Inside S1, there are 3 sub space: S1.1, S1.2, S1.3
I give "Can add" and "Can view" privilege of the whole S1 space to group G1. It means G2, and G3 cannot access S1 (by turning off prifvilege of "Logged-in users" and "Inherit permissions from higher levels")
G2 cannot access space S1, but I want to give them access to S1's subspace of S1.3, by granting "Can add" and "Can view" privilege of S1.3 to G2.
S1.3 still Inherits permissions from higher levels.
Logically, I expect that user in group G2 cannot view spaces of S1, S1.1 and S1.2 but they can access subspace S1.3.
But actualy it's not what I get. All user from G2 group cannot see anything from space S1.3.

Can anyone help me on this.
Thanks alot.
romasha Feb 26, 2011 11:43 AM

Interesting question.

When you disable permissions from the parent space in your case "S1" for users from group "G2", they cannot see the space S1 at all.

Further, if you create a sub-space S1.3, and provide access to group G2, they will have acces to this space, but will not be able to see it in the Space navigation on the left. This is because, they do not have Can View rights on the parent space. However, any content added in the space S1.3 will be visible to them and they can also create content in that space or any link shared with them will be accessible to them. You can test this by navigating to the url of space S1.3 directly: http://yourcyninsite/home/S1/S1.3

To avoid this, you can provide View permissions to group G2 on the space S1. Since each space (apart from the Home space) has a workflow "Private to contributors" - such that only contributors get to see the content that they are working on, unless they workflow the content to "Published to viewers" - in this case, they will be able to see only the published content.

Hope this helps.

Please do test this with test users on your site and do share how you finally implemented sharing for your groups and spaces. It will surely help a lot more users use better.
romasha Feb 26, 2011 11:53 AM
Contributors = "Can add" - add / edit any content
Viewers = "Can view" - can only view content published to them
Space Managers = "Can edit" - can customize space, add/remove users from a space etc.