4.5 User Access Inside Filr

The Filr User Interface lets users access files in different categories. The My Files category can contain files from two different locations: Home folders or Personal Storage.

4.5.1 Net Folders

Users who are granted access to a Net Folder are not restricted by Filr. The file system of the target folder retains complete access control. The level of rights that users have through Filr depends on the system-derived role they have, as explained in, Net Folder Access Involves Four Roles. Roles are automatically derived from users’ permissions on NSS and NTFS file systems, and on SharePoint document libraries.

Figure 4-2 Users’ effective rights to Net Folders are controlled by the file system or library where the Net Folder resides and the Net Folder role that these rights qualify them for

Letter

Details

User Blue is granted all rights to the NSS-based projects folder, except the Erase right (green bar).

Because User Blue doesn’t have the Erase right, Filr assigns the Editor role.

This means that even though Blue has Create (blue) and Modify (purple) rights on the file system, and could exercise them through a file browser, such as Windows Explorer, Blue’s Filr functionality is limited to editing files within the projects folder.

For more information, see Granting Access to Net Folders.

4.5.2 My Files (Home Folders)

Users should have all rights to their server-based home folders.

Letter

Details

Although it is certainly possible that an administrator might choose to limit the file system rights to a home folder, that would seem to defeat the whole purpose behind providing home directories in the first place.

Of course, rights restrictions are completely separate from limiting the available file storage space.

In all cases, if there are file system restrictions, Filr honors them.

4.5.3 My Files (Personal Storage)

Users automatically have all access rights to the Filr-based personal storage assigned to them.

To be available to users, personal storage must be administratively enabled because it is turned off by default.

Figure 4-3 Filr users have all rights to their personal storage through My Files

For more information regarding My Files, see Section 9.0, My Files (Personal Storage).

4.5.4 Shared with Me

User shared-access roles relative to Shares are assigned by the user sending the invitation.

Users sending invitations can only assign shared-access roles up to the level that they have on the file or on the folder and all of its subfolders.

Users receiving and accepting share invitations might or might not have direct rights on the file system or in SharePoint, but that is irrelevant when accessing a file or folder through a share. Individual user rights do not apply to shared items. Shared items in Net Folders (including Home Folders) are accessed on behalf of users by the Net Folder proxy user; shared items in personal storage are accessed through the Filr system itself.

NOTE:Shared files that live in SharePoint are not accessed through Shared with Me, but rather in Net Folders. However, the same principles apply as explained in this section.

For example, if a user already has Viewer access to a file in a SharePoint Net Folder and someone shares the file with the user and grants Editor shared-access role, the user then has Editor access for that file within the Net Folder.