Permissions per Collection.
Currently Permissions like Manager are for all or for all assigned Collections.
I propose, that these Permissions can be set for each Collection independently.
My use case are different departments which have different Managers, but if Manager1 from department1 is added to a Collection of department2 (from Manager2) he is a Manager there as well. But Manager1 should not be Manager of this Collection.
With this Feature a Escalation of Privileges can be avoided, because if Manager2 adds Manager1 to his Collection as Read-Only User, that Manager1 can change his own access rights to this Collection!
It would be a huge benefit for all larger Companies!
Related topics + references
I wonder how this request doesn’t get more attention. Do other organizations do not care that once a user is a manager, they can manage all the assigned collections and not just particular ones?
Thanks for the feedback everyone, the team is looking at making improvements in this area.
I’d like to create groups and then give those groups individual higher permissions to collections. As it stands you can give higher permissions only to individual users, but then you get very non-ideal things like:
- They can then create any collections they like (I’d prefer to allow people to only generate nested collections and/or folders within collections if that ever gets implemented)
- They get to see a list of all the organisations collections, even if they don’t have access to them - which is a pretty big data leakage issue, in my mind.