Manage Access Permissions

For advanced operations, you can set up access permissions based on users, groups, and gateways.


There are three permission levels (what level of access is allowed):

  • Read/Write (RW) access - full access
  • Read-Only (RO) access - limited access
  • No access


There are three permission types (how the permissions are defined/controlled):

  • User based share permission (including guest access option)
  • Group based share permission
  • Gateway based share permission


The access permission will be defined by the most restricted permission control. For example, if a user has Read/Write permission to a share, but the gateway has read-only access to the share, then the user will have read-only access permission to the share. If that gateway is the only gateway in the team account, then that share is read-only regardless of the user's permissions.


There are two ways to manage permissions for the share: the FILE SYSTEM page and the DEVICES page.


Manage Permissions from the FILE SYSTEM page

From the FILE SYSTEM page, you can specify access permission to the share by user or by gateway.


When a SHARE is created, you can specify which gateway has access to the share - "All Gateways" or "No Gateway".


Select the "Gateway Permissions" dropdown list.



Choose "All Gateways" or "No Gateway". For security reasons, it is recommended to choose "No Gateway" first and then assign the appropriate shares to the gateway.


Screen%20Shot%202016-10-07%20at%204.57.01%20PM.png


Manage Permissions to Share by Gateway

To manage the gateway permissions after the share is created, click the pencil icon next to "Gateway Permissions" in the Manager Share panel.


Screen%20Shot%202016-10-07%20at%206.20.50%20PM.png


You can assign the permissions (read/write, read-only, or none) for each gateway. In this case, "SanFrancisco" is the local Gateway and "London" is the remote Gateway. "Team Portal" is the virtual gateway accessed via the web browser or Morro Connect.


Screen%20Shot%202016-10-07%20at%206.31.19%20PM.png

In this figure, the share has read/write (full access) from the San Francisco office (via SanFrancisco), read-only from the London Office, and is not accessible from the web-based Team Portal.


Make sure to go BACK to Manage Share panel and SAVE your changes.


Manage Share Permissions by User

Click the pencil icon next to "User Permissions" in the Manage Share panel to manage User and Group based Share permissions.


Screen%20Shot%202016-10-07%20at%206.27.39%20PM.png


In the following image, the example shows a share with Guest Access disabled and default access set to "No Access". This means that users and groups not in the exceptions list cannot access the share. In exceptions list, groups "Accounting" and "Executive" are given Read/Write access and user "cjoseph" has Read-Only access permissions.


Screen%20Shot%202016-10-07%20at%205.39.39%20PM.png


Manage Permission from the DEVICES page

When adding a gateway, you can set the shares the gateway has permission to access as "All Shares" or "No Shares".


Screen%20Shot%202016-10-07%20at%207.13.00%20PM.png


To manage the share access permission for a gateway, click on the device badge for the gateway to open the Manage Gateway panel.


Screen%20Shot%202016-10-07%20at%207.17.35%20PM.png


Click on pencil icon next to "Accessible Shares" panel. Assign the permissions (read/write, read-only, or none) for each share.


Screen%20Shot%202016-10-07%20at%207.40.06%20PM.png

In this figure, the gateway has read/write (full access) to shares "Accounting", "HR", and "Sales", etc., it has read-only access to the share "Design", and it is not have access to "Rassilon".


Make sure to go BACK to Manage Gateway panel and SAVE your changes.


The Manage Gateway panel gives an overview of the accessible shares. The following image shows the Share access permission defined for the gateway G-Amsterdam:

  • Share "Account (Ac)", "HR (HR)", "Sales (Sa)" all have full-access permission from Gateway "SanFrancisco". It shows Green dots on the Share Icons.
  • Share "Design (De) is read-only which is indicated with a Orange dot on the Share Icon.
  • Share "Rassilon" is not accessible from Gateway "SanFrancisco" and there is no Share Icon listed for this Share.


Screen%20Shot%202016-10-07%20at%207.43.59%20PM.png