Question:
Would it be possible to decouple access control for document content from metadata? A user needs to see a document but may not need access to Audit trails or Sharing Settings visibility.
Answer:
There are a few approaches to this problem.
As far as granularity of access control is concerned, we do separate out viewing, annotating, and editing of the document file from the metadata and sharing settings. This can be defined in the Security Settings tab of the Lifecycle state Admin page.
This does not address visibility or non-visibility. Allow a user to Edit either the file or properties and just set View access on the other.
Make certain properties hidden for a user or group regardless of what status the document has using Security Overrides in the document properties admin page. This is a pretty powerful feature as it makes the property completely hidden from not only Doc Info page, but reporting and searching as well.
Use dependent properties to make certain properties hidden based on the value of other properties. This is not based on the current logged-in user, but rather the other properties of the document.
Finally, if sharing a document (using Send as Link) with an external user, the system shows a document viewer page but not the properties.
Related Documentation:
Vault Admin Documentation:
Send us your feedback: We are always looking for feedback to help improve our Knowledge Base! Please let us know if this article is helpful or provide feedback on how we can improve your experience by clicking here.