Did you know that you can preserve a folder’s original permissions when restoring it from the trash, moving it, or copying it? Retaining the source folder’s permissions is typically straightforward, but some nuances prevent non-admin users from gaining access to sub-folders to which they don’t have permission.
For example, imagine that Steve, a Power User in your account, copied the Finance parent folder that they only have partial access to into a different folder where they have Owner-level permissions. To prevent an escalation of privileges in cases like this, Power Users do not have the option of inheriting a destination parent folder’s permissions for some move or copy operations; instead, the source folder’s permissions are automatically applied.
This article covers the details and special scenarios you need to know (like the one above) when opting to preserve a folder’s original permissions.
Restoring a Folder from the Trash
When restoring a folder from the trash, account administrators have two options:
- Retain the folder’s original permissions (this is the default option).
- Ignore the original permissions and instead apply the inherited permissions from the parent folder.
This option is not presented when restoring a top-level folder (i.e., directly under Shared), a private folder, or a folder where no permissions were set.
Select Yes, restore original permissions, and click Restore to reuse the folder’s original permissions.
Here are some details to keep in mind when restoring a folder from the trash:
- Keep in mind that only Admins and Power Users who have been given trash management privileges through Egnyte’s role-based administration feature can access all Trash in the Web UI.
Users without this role will be able to access and restore Trash they've deleted by default. Admins can disable this feature in the General settings under the Trash and Retention Policies section.
- Role-based Admins will not see the option to inherit the parent folder’s permissions. Instead, the original folder’s permissions will be applied automatically.
- Role-based Admins will be prevented from restoring a folder if doing so would result in a conflict with an existing same-named folder on the same path. In these cases, only Admins can restore the folder.
- In cases where restoring a given folder results in merging with a same-named folder on the same path, the restored folder’s original permissions will be ignored at each point where there is a conflict. Instead, the existing and more recent folder permissions will be maintained.
- When restoring a mixture of top-level and non-top-level folders, the option to inherit the parent folder’s permissions will be shown. However, top-level folders will still automatically reuse their original permissions.
Moving or Copying a Folder
Admins will be presented with the same two options when moving or copying a folder:
- Retain the folder’s original permissions (this is the default option, but you can change the default on the Security & Authentication section of the Configuration settings page).
- Ignore the original permissions and instead apply the inherited permissions from the target parent folder.
This option is not presented for top-level folders (i.e., directly under Shared, like a Finance or HR folder).
Stick with the default option of Keep source folder permissions if you want to retain the folder’s original permissions. Alternately, select Apply destination folder permissions if you want the moved/copied folder to inherit permissions from the target parent folder.
Non-admin users will not see this option when moving or copying a folder. Instead, the folder’s original permissions will automatically be applied.
Keep these details in mind when moving or copying a folder:
- In situations where the client cannot present a choice (e.g., from WebDAV or while using the public APIs), admins will not see a choice. The source folder’s permissions will automatically be retained in these cases.
- Non-admin users will not be able to move or copy a folder in cases that would result in a folder merge. In these cases, the same rules described above for restoring a folder from the trash will apply, and only Admins will be able to move or copy the folder.
- When moving or copying a folder to the top-level (directly under Shared), the folder’s original permissions will always apply.
- Non-admin users will be prevented from moving or copying a folder from the Shared area to their private folder if they do not have at least Viewer access to all of its sub-folders.