Each piece of data in the Workiva platform is protected by its own specific access control mechanisms. For example, a file's content is restricted to the appropriate users by the Permissions tab in the file, so that only Viewers can view it and only Editors can edit it.
This article explains the finer details surrounding the access control mechanisms for file names, which differ slightly from the access control mechanisms for a file's content.
File names in Workiva are restricted to the users of the workspace where the file resides. There are a number of specific situations in Workiva where a file's name is shown to a user that doesn't have explicit Viewer permissions on the file's content.
Here are some examples:
- When a file is linked through href into another file, the other file's viewers expect to see the referenced file name in the linking pane.
- When a cell value or a text snippet is linked from a source file to a destination file, destination file viewers expect to see the source file's name in the linking pane.
- When a task is assigned in the context of a file, the task assignee expects to see the file's name in the notification email.
The Files page and the search bar, however, only show documents that the user does have explicit Viewer permissions to view.