Extend Record permissions with Download permission

Peter Klören 5 years ago in ADAM Core updated by petra.tant 2 years ago 13 1 duplicate

The current list of permissions set for accessing Records consists of:

NoAccess, Read, Modify, Delete, FullControl, DenyFullControl, DenyDelete, DenyModify, DenyRead

Please extend this to:

NoAccess, Read, Download, Modify, Delete, FullControl, DenyFullControl, DenyDelete, DenyModify,  DenyDownload, DenyRead

The permission to download will enable the download buttons and allows the files to be used via CS Sync. 


Assets security ordering

Duplicates 1

As our implementation has grown and the various audiences has expanded, we too see a need to control the availability of a set of assets to be be downloadable or not. For example, here is a use case for the value.

We are seeing as most companies have, a precipitous rise in the development of video content. There are internal audiences who should not have the ability to download the video (and therefore potentially distribute the content through other channels), but who do need to review video content. If the use of a "download" on/off switch were introduced, we could more easily address the expanding profiles of our ADAM user audiences. One could think of this as simply a more granular "Read Only" configuration.

There is a customization that Joris has offered in which this can be done through a Classification, but ideally, to have it as an OOB configuration would be ideal.



It is standard request from many our customers. And we have to add the custom controls for downloads for resolving this issue every time. So it would be ideal to have this functionality as an OOB configuration.

Thank you,


We keep building a lot of custom code to accomplish this. When disabling "Download this version" checkbox to prevent users from downloading anyway and bypassing the checks on the menu actions, some modules like workflow and collaboration break as they seems to have a need to fetch the file from the file storage, even if you do not manipulate the file itself.

Please put this one on top of your backlog!

I can say, that it's not on the very top of our backlog. But it's not far from it. We are definitely looking into this soon(tm).

In the meantime, please continue to add all the use case information that you have related to this request, so that when we do reach this item, we will know where to focus.
Some questions related to this functionality:

What determines if a user has the right to download?
When having the right to download should a user be able to download everything, or only specific files and/or file versions?
Is the download rights generally tied to a specific classification, file type, user group or type of asset?
Is the download right a one time off right, or persistent? 
Who manages these rights?


Ida Engmark

Product Owner

Hi Ida, Just send you my thoughts and a design that is used to custom build this. As it contains client information, I can't share it here.

Just send you my design by email. It can't be shared on this forum.

Basically the system lacks support for the use case when some group of users should be able to find the records, but need some kind of approval before they can download and at the same time some other users need to be able to reach the files in order to update them via ADAM CS Sync or workflow / collaboration.

When unchecking the "can download this version" checkbox to prevent the first group of users to download without approval, other users can't use ADAM CS Sync to open / update the assets even when they have modify permissions on the records.

We also have a useCase where some records if they have the status of Copyright some users can't download highRes versions but they can downloal a lowRes resized version and make a request to the owner or administrator of the record for the highRes file.

A convention for the Additional files should also be incalculated in this story!!!

At the moment we place InDesign packages as ZIP files in the addional files of the fileVersion…

now you could overwrite all the thumbnail action menu items with some code to evaluate the download of additional files… but when the user goes to view and click open additional files you get a very nice downloadbutton that you can't modify or intercept…

What's the status on this feature? We may have an upcoming client for which it would be very useful.


The status hasn't changed from planning to started yet. We have this planned, but weren't able to pick it up in our next Winter release e.o. Feb 2017.


Is there a way to get this prioritized? Seems like a bunch of people want the feature.

Related topic: when a user has modification permissions (but NO delete permissions) on records, he is still able to delete the master file. From a technical perspective, this is a modification, but still... would it not make more sense to disable master file deletion together with record deletion? Or can this behaviour be made configurable via a system setting?
Alternative (in line with above feature request), dedicated permissions for 'candeletefile' and 'denydeletefile' could be introduced, but I think too many permissions can make things too complex: e;g. what about 'canuploadnewversion', 'candeleteversion', 'canuploadadditionalfile',...


Download persmissions have been separated from edit rights in the meantime.