I've received a unique request to create a new document subtype for records that will have extremely sensitive information. The requirements are as follows:
- Should be limited to a very select group (accomplished this via user group and adding to the default consumers section of the new document subtype)
- Users with view access should not be able to download the source document (already set since consumer role doesn't have this permission for the relevant lifecycle states)
- REQUEST ADVICE: Users with view access should not be able to download the viewable rendition because the requester wants to limit the ability for the viewers to download and send this document via email. Not sure how to accomplish this since this permission is administered via Permission Sets / Security Profiles. The issue is that the users who will have access to these documents need to be able to download viewable renditions of other document types, but should not have that permission for this new document type.
Any insight or suggestions would be greatly appreciated!