Note: This function is currently only available to company account creators/super administrators
This function is only available to users of flagship versions E2 and E5. Please contact support or a sales manager to obtain a flagship version.
In order to strengthen the company's internal document security control, Lark has upgraded its document permission function, allowing companies to configure more default document permission settings. This means administrators can configure global internal document permissions for a company or specific permissions for certain departments, user groups, and members.
In addition, administrators can view the objects to which various permission configurations are applied.
Go to the configuration page
- 1.Open Lark Admin and click Security > Advanced Data Protection >Default permissions settings for Docs.
Configure permissions settings for Docs
- 1.From the page, select the range for which to set default permissions. You can choose Global or specific Members, Departments, or User Groups.
- 2.Click Edit to set the Sharing, Comment, and Security permissions for the selected range, and click Save.
- 3.Then, you can view the objects governed by the set configuration and edit existing configurations.
- 4.When an administrator sets or edits a configuration, the changes will take effect within10 minutes.
Note: Administrators can add up to 10,000 configuration rules.
View rule configuration details
- 1.Click Rule configuration details in the upper-right corner to view the applicability of various configuration items. The applicability can be: Applicable to all members,Set for specific objects or no specific applicable objects
- 2.Click View details to bring up a list of the objects to which a configuration applies. Click a specific object to go to the configuration page, where you can view and edit configurations.
How can company members share documents outside the company?
Administrators set whether or not to allow company members to share documents externally. In the Doc sharing permission configuration, administrators can allow a specified employee or a group of employees to share documents externally. Alternatively, administrators can prohibit internal members from sharing files and folders with external users.
Note: External users can only access a document via a link when an internal company member shares the document link externally.
After default permissions are set by administrators on the admin console, can I modify the permissions on the frontend?
Yes, document owners can modify the default permission settings. They should set reasonable document permissions according to the sensitivity to document content.
Departments, user groups, and members that have their own permission settings are specific configuration objects.
When an object is covered by two permission configurations, which configuration does it apply?
The default permission configuration of an object is determined by the inheritance logic. Click on an object to go to its configuration page to view or edit its permission settings.
If a member is part of multiple departments or user groups with different permission configurations, what are the actual permission settings of the user?
This is determined by the priority of default settings in the system.