OneOffice Logo

Access Controls

Managing file access control rules & workflows

1. Introduction

OneOffice File Access Control enables administrators to create and manage a set of rule groups.

Each of the rule groups consists of one or more rules. If all rules of a group hold true, the group matches the request and access is being denied.

Access Controls

The rules criteria range from IP address, to user groups, collaborative tags and more.

File Access Controls come in handy for complex cases of data protection. We can think of IP, Patents, Trade Secrets etc. that you want to protect and limit access to.

2. Denied Access

If access to a file has been denied for a user, the user cannot:

  • Create / upload the file
  • Modify the file
  • Delete the file
  • Download the file
  • Synchronize the file with the mobile applications and desktop sync client

3. Getting There

To access the File Sharing administration panel:

  • Click on your Avatar
  • Click on Settings
  • Under Administration click on Access Controls

4. Denying Access Example

Access Controls

  • The first rule group Support denies any access to files for users of the Support user group, between 5pm and 9am.

  • The second rule group Internal testing prevents users of the Internal testers group to access files from outside of the local network.

5. Block Folder Access

Access Controls

The easiest way to block access to a folder, is via collaborative tags.

The example above blocks access to any folder with the tag Confidential for all users part of the group Management.

You need to assign the tag to the folder or file, and then block the tag with a rule group. The check is independent of the user’s permissions for the tag as the block rule is system-wide.

Restricted and invisible tags are recommended, to prevent users from removing or reassigning them.

6. Prevent Uploading of Specific Files

Access Controls

It is possible to prevent specific files from being uploaded to OneOffice (e.g. executables, videos etc.). You simply need to define a rule based on the mime type.

The safest way (but not the only way) is to define the rule via a regular expression, as it will help you cover all the desired media types used for the type of file you're trying to block.

In the example above, zip files are prevented from being uploaded by using the regular expression: