Imagine the following Group Folder arrangement (using Jonny Decimal notation):
- 51_Personnel
– 51.01_Appraisal_reports
– 51.02_Policy
I have two groups of users: default and hr. Every user is a member of default. Only members of the Human Resources department are members of hr. In the above folder structure everyone should be able to view the contents of 51.02_Policy; on the other hand 51.01_Appraisal_reports contains confidential information and the contents should only be viewable to members of hr.
Enabling Advanced Permissions on the 51.01_Appraisal_reports folder I set up the folder’s view permission as allow for hr and deny for default.
Now when hr members visit 51_Personnel they can see both sub-folders and enter them. When default only members enter 51_Personnel they only see 51.02_Policy and cannot see 51.01_Appraisal_reports at all.
This is unexpected behaviour. I would (subjectively) expect that members of default would be able to see that the folder 51.01_Appraisal_reports exists, but would not be able to see what is inside the folder. As it is they just do not know the folder exists at all.
Is this how advanced permissions on Group folders is meant to work, or have I set it up incorrectly? Following on from that is there a way to set up permissions so that the existence of folders is not hidden; but rather the folder is there to see while the contents themselves cannot be viewed?