we have some document types for which we need “download document file” permission on document level. We add/remove this permission via workflow which is working well. But I noticed that “download file” (and some other functions) are only available if I have set them on the document type level (for all documents on that type, not the individual one). Please see the example below:
user A has a role, which does not allow to download documents.
now that role gets the document permission added to download document files via workflow:
Thanks for looking into this. Here are the very minimal steps to reproduce. Sorry, this looks like a lot of text but it is really simple and self declarative.
create a new role “orders” → no permissions
create a new group “orders” → no permissions
create a new user “Testuser” → no permissions
create a new document type “order”
assign
user Testuser → group orders
group orders → to role orders
role orders → document type orders
Now assign the following permissions to role orders for document type order:
create document
view document
edit document
view document files
edit document files
Now login as Testuser, add an order document with file and you can see that the we have the inerrited permissions from the role document type “orders”: this is correct.
Now add the document level permission (as admin user) Download Document File. When checking permissions, it is listed correctly (inherrited permissions plus individual download file permission). But the download button is missing.
Now add the Download Document File as document typer permission (for role order) - so that it is also inherrited from document tpye. Now the download button is there.
If I do all the same for example for delete document file everything is working like exprected.