Body
Overview
In Perceptive Content, security is set on the drawer level. Each drawer has a standard set of four groups.
Please also refer to the Concepts and Terminology article for detailed explanations of the technical components.
Drawer Security Groups
View
The -View security group allows users to search and view documents in the drawer. It also allows links to the documents to be sent via email. Those links will only work for anyone who has View, Scan or Update rights to the drawer the document is in.
Update
The -Update security group is everything except the ability to print the document. It has the same rights as View plus the standard rights of Scan and the ability to delete documents and / or pages.
Scan
The -Scan security group has the same rights as the View group plus the ability to create or append documents to the drawer (normally through Application Plans) and complete batch processing. Additionally, users in this group can edit the index keys, change document types, modify custom properties, modify notes, re-order pages, and possibly move the document to a new drawer (provided they have access to the destination drawer as well).
The Scan group can be customized based on need. For example, some departments use the scan group to grant the ability to create documents but do not allow the viewing and editing of documents after they have been created.
This group is often used to pass a server-side profile. Server-side profiles make sure that all batches are held in a secured drawer and it standardizes capture profiles (including Import from Disk, ImageNow Printer, and Scanner profiles) across all users and computers with access to that drawer.
Print
The -Print security group allows for both physically printing and sending a document as an attachment via email. In effect, the Print right allows a document to be extracted from Perceptive Content and security. This group does not allow for searching or viewing a document. Therefore, this group must be paired with another security group for the same drawer (either View, Scan, or Update).
Non-Drawer Groups
Folder
In some cases, there may be Scan and Update groups that allow users to add or remove document shortcuts to folders, or modify the active / inactive status of a folder. These rights do not apply to the underlying documents or drawers. Users with folder rights may be able to see a folder, but may not be able to view documents linked inside of it if they do not have an accompanying drawer permission.
WF
These groups are for workflow rights, and should by default have no rights within a drawer. Depending on the specific implementation, users with only workflow rights can see and potentially modify a document while it is in a workflow queue the user has access to. However, the user cannot see or edit the document once it is no longer in the workflow queue.
Annot
These groups assign rights to annotations (normally stamps) and by default should have no rights within a drawer. Depending on the specific implementation, there may be additional Annot groups to view, create, and delete annotations. These rights do not apply to the underlying document, however, and are scoped to just the annotation.