Move files and folders - Permissions and inheritance

Only Content, Site and System administrators can move files and folders to a different location in the Files module.

This article describes how permissions are applied to files that have been moved.

If you do not have the required permissions, please contact your administrator.

Permissions and inheritance

When a folder or file is moved, the permissions that apply to that item will be impacted by its new location, as well as by how file security is configured for the site. 

 

Site-Level Security - If permissions are set up at the site level so that every folder and file inherit security from the top-level folder, moving a folder or file will not have any impact on the permissions applied to the item that has been moved.

File- or Folder-Level Security - If permissions can be set at the folder or file level, then the permissions applicable to the moved item may have been changed by the move. 

Inherited Permissions - If the folder or file that was moved was already set up to inherit permissions from its parent, then the folder or file will instead inherit the permissions of its new parent folder, which could potentially be different from the permissions of the previous parent folder. For example, imagine there are two groups on a site: Internal Users and External Users. For all content, Internal Users have Add File rights. For most content, External Users have read-only (View file) access. However, there is one folder, Internal Access Only, that has broken inheritance, and External Users have no access to it.

This subfolder contains a series of subfolders, each of which inherits security from Internal Access Only, their parent folder.

If one of the subfolders and its content -- which currently is not accessible to External Users but which is set up to inherit permissions -- is moved to the top-level folder, where External Users have been granted read-only access, it will inherit the permissions of its new parent, giving External Users read-only access to the subfolder and its contents.

In this case, the move expands the permissions that apply to the moved item. A move can also restrict them: if the new parent folder grants fewer access rights than the old parent folder, the moved item will inherit the more restrictive access rights of its new parent.

Permissions assigned to new folders depend on the default inherit settings or the permissions option selected in the New rule window.

As of May 2024, if 'inherit parent folder permissions' is disabled, the new folder has no permissions.

It is possible to create a folder that you do not have view permissions for, that is, when the folder does not inherit the parent permissions and you do not have access to the default settings. This can happen if, for example, you are a Folder admin, Inherit parent folder permissions is NOT selected and no custom group or user permissions were set.

 

Broken Inheritance - If the folder or file being moved does not inherit the permissions of its parent, after being moved it will still not inherit the permissions of its new parent. Often, the moved item will keep the permissions that it had, but they may be changed based on restrictions in the permissions of its new parent. Using the example above, the Internal Access Only folder does not inherit the permissions of its parent and External Users have no access rights at all, not even View folder rights. There is a subfolder that sits under the top-level folder but does not inherit the rights of its parent because External Users have been given Add file (edit) rights.

Now, this folder is moved into Internal Access Only and because the subfolder is not set to inherit the access rights of its parent, External Users will no longer maintain their right to add files to this folder.

Because External Users had no access rights to the new parent, they cannot have any access rights to a child item. The only way to give External Users access rights to the subfolder is to modify the permissions of the parent folder to give External Users, at a minimum, View folder rights. View folder rights allow a group to view a folder (and subfolders), but not any files in the folder. They also act as a lifeline into the folder and its subfolders so that the group may be given enhanced permissions to a child item. For example, if External Users were given View folder rights to the Internal Access Only folder, users in that group would be able to see that folder and its subfolders. Then External Users could be given Add File rights to a subfolder of Internal Access Only.

The same type of restrictions and changes may apply when file-level security has been enabled and individual files, ones that have been given different permissions from their containing folder, are moved. In this case, if a file previously had more expansive access rights than its parent, then those access rights may be reduced after the move.

Therefore, it is important to consider carefully the impact that moving folders and files may have on permissions and access rights.
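One way to check the effect of a move before making it, as an added example (not the product's code or API): a simplified Python model of the inheritance rules described above, run as a dry run over the article's two scenarios. The ordering of rights and the subfolder names Reports and Uploads are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Optional

class Right(IntEnum):          # assumed ordering, least to most access
    NONE = 0
    VIEW_FOLDER = 1
    VIEW_FILE = 2
    ADD_FILE = 3

@dataclass
class Folder:
    name: str
    parent: Optional["Folder"] = None
    inherits: bool = True
    acl: dict = field(default_factory=dict)   # group -> Right, used when inheritance is broken

def effective(folder, group):
    """Right a group ends up with on a folder under the rules described above."""
    if folder.parent is None:                      # top-level folder: its own ACL applies
        return folder.acl.get(group, Right.NONE)
    parent_right = effective(folder.parent, group)
    if folder.inherits:                            # inherited: whatever the parent grants
        return parent_right
    if parent_right == Right.NONE:                 # no "lifeline" into the parent: no access
        return Right.NONE
    return folder.acl.get(group, Right.NONE)       # broken inheritance keeps its own ACL

def move_impact(folder, new_parent, groups):
    """Return {group: (before, after)} for every group whose access would change."""
    before = {g: effective(folder, g) for g in groups}
    old_parent, folder.parent = folder.parent, new_parent
    try:
        after = {g: effective(folder, g) for g in groups}
    finally:
        folder.parent = old_parent                 # dry run: restore the original location
    return {g: (before[g], after[g]) for g in groups if before[g] != after[g]}

# Constructed sample data mirroring the article's two scenarios.
GROUPS = ["Internal Users", "External Users"]
top = Folder("Top level", acl={"Internal Users": Right.ADD_FILE, "External Users": Right.VIEW_FILE})
internal_only = Folder("Internal Access Only", top, inherits=False, acl={"Internal Users": Right.ADD_FILE})
reports = Folder("Reports", internal_only)          # hypothetical subfolder, inherits
uploads = Folder("Uploads", top, inherits=False,    # hypothetical subfolder, broken inheritance
                 acl={"Internal Users": Right.ADD_FILE, "External Users": Right.ADD_FILE})

if __name__ == "__main__":
    for item, dest in [(reports, top), (uploads, internal_only)]:
        for group, (old, new) in move_impact(item, dest, GROUPS).items():
            change = "WIDENED" if new > old else "reduced"
            print(f"{item.name} -> {dest.name}: {group} {old.name} -> {new.name} ({change})")
```

Any group reported as WIDENED gains access it did not have at the old location, which is the case to review before the move is carried out.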
