AX2600

Configure file access (Files tab)

On the Files tab of the Security Management page, you can control access to files in the Axiom Budget Planning and Performance Reporting file system. The following areas can be controlled:

  • Reports Library
  • Data Diagrams Library
  • Filter Library
  • Imports Library and the Exports Library
  • Process Definitions Library
  • Scheduler Jobs Library
  • Task Panes Library
  • Ribbon Tabs Library
  • Certain supporting files for file groups: Templates, Drivers, Utilities, and Process Definitions
NOTE:
  • File permissions do not apply to users with administrator rights. Administrators always have full access to all files.
  • File permissions must be defined within the Security Management page. The bulk editing tool, Open Security in Spreadsheet, does not support configuring file and folder permissions.
  • If you are defining file permissions for a subsystem, see Define maximum permissions for subsystems.

Configure file permissions

The left side of the Files tab displays the available folders and files. When you select a folder or a file in the list, you can define the security settings for the user or role within the Configured Permissions section in the right side of the tab.

Example of Files tab

You can set file permissions at the folder level and at the file level. By default, all subfolders and files underneath a parent folder inherit the rights of the parent folder, unless rights are explicitly set for the subfolder or file.

You can set permissions at the library level and then override those permissions for specific subfolders and files as needed, or you can set permissions for specific subfolders and files only.

By default, each user or role has no access to any files or folders on this tab. You must define file permissions for each user or role.

To configure permissions to a file or folder:

  1. Select the file or folder in the treeview, and then select Configured Permissions.

    If this check box is selected for a subfolder or a specific file, the subfolder or file no longer inherits any permissions set for the parent folder. You can clear the check box, and the subfolder or file, once again, inherits permissions from the parent folder.

  2. Select the applicable permission options as preferred.

    Each type of file (reports, import, and so on) has slightly different security settings that you can define on this tab. For more information about the file-specific options, see the detailed sections.

If a new folder or file is added to any library, the user has access to it if the folder or file is placed underneath an existing parent folder that the user has rights to. For example, if the user has rights to the entire Reports Library, they have access to any new folders and files added to the Reports Library. If the user only has rights to a specific subfolder in the Reports Library, they have access to new folders and files added to that subfolder.

The Effective Permissions section displays the full permissions of the user, taking into account any inherited role rights, and other settings such as administrator rights. This section also takes into account rights that are inherited from a parent folder.

NOTE: Because file permissions can be set at any point in the treeview, it can be difficult to determine later which items have been configured. To change the view to only show items with configured permissions, select the check box for Show configured items only. If the treeview is blank after selecting this check box, this means that the user or role has no configured permissions.

Reports library

The following permissions can be set for files in the Reports library:

Option Description
Access

Select one of the following:

  • No Access: User or role cannot access the folder or file.

  • Read Only: User or role has read-only access to the folder or file.

    Users with read-only access to reports can open and refresh reports, but cannot save changes. If read access is set at the folder level, users cannot save new reports to that folder.

  • Read/Write: User or role has read/write access to the folder or file.

    If the item is a file, the user can save changes to the file. If the item is a folder, the user can also save new files to the folder, create subfolders, and delete and rename files and folders.

Show in Explorer

Select this check box if you want the file to display in the Explorer task pane and other Explorer views of the file library (for example, Axiom Explorer, libraries displayed on the ribbon menu, and libraries displayed when saving files). This check box is selected by default when you assign an access level of read-only or higher.

If you clear this check box, and the user has read-only access or higher, the file does not display in Explorer views but they can still open the file if they have access to a feature that indirectly opens the file. This includes features such as custom drilling, GetDocument functions, and file shortcuts in task panes and ribbon tabs. The idea is that the user never needs to directly open the file from a folder structure but they need access to the file to use these other features.

If the user's access level is No Access, this setting is ignored.

For example, you might clear this check box for the target report of a custom drill. The user only needs to be able to access this report when performing a custom drill on the source file. Displaying the file in the Reports library would just clutter the list of files because the user never needs to open the file from that location.

NOTE: The Reports Library page (accessible from Reports > All Reports) does not honor this permission. If a user has at least read-only access to a report, it displays in this page, regardless of the Show in Explorer permission.

Allow Save Data

Select this check box if you want the user or role to be able to save data to the database for the folder or file. If a report is set up to use Save Type 1, 3, or 4, the user can save data to the database.

If you do not select this check box, the user cannot save data to the database from the report.

NOTE: If a user has Read Only access and Allow Save Data, they can save data to the database but not save changes to the file. Users with this combination of rights can save data from the file at any time, regardless of whether the file is locked to another user.

Allow Unprotect

Select this check box if you want the user or role to be able to remove workbook and/or worksheet protection for this folder or file.

Users with this permission can use the Advanced > Protect options on the ribbon to remove workbook or worksheet protection from Axiom files.

IMPORTANT: If you enable this permission at the folder level, the user will be able to unprotect any file that they save to the folder (assuming that the user has read/write access to the folder).

NOTE: This setting is ignored for users with the Remove Protection permission on the Permissions tab; those users can remove protection for any file.

Allow Sheet Assistant

Select this check box if you want the user or role to see the Sheet Assistant. Generally, you should only expose the Sheet Assistant if the user is expected to edit file settings, including Axiom query settings.

Enabling this permission also has the following impacts:

  • The user has access to the Control Sheet. If the Control Sheet is hidden in the document, the user can make it visible by double-clicking any field name in the Sheet Assistant.

  • If the user has read/write permission and the Sheet Assistant permission, they can enable forms for the file and can see the Form Assistant and Form Control Sheet.

  • The Drilling Control Sheet, if present in the file, is not hidden if the user has the Sheet Assistant permission.

  • The Data Source Assistant is also available if the Sheet Assistant.

If you do not select this check box, the user cannot see the Sheet Assistant or the other related items as previously described.

Allow File Processing

Select this check box if you want the user or role to perform file processing on the file. If selected, the user has access to file processing features, including the File Processing button on the menu and the File Processing task pane. The related control sheets are also visible to the user.

If you do not select this check box, the user cannot perform file processing actions and cannot see the related menu items, task panes, or control sheets.

NOTE: If a user does not have access to any report files or folders, the Reports menu item does not display on the menu, and the user cannot create reports.

Filter Library

The following permissions can be set for files in the Filter Library:

Option Description
Access

Select one of the following:

  • No Access: User or role cannot access the folder or filter.

  • Read Only: User or role has read-only access to the folder or filter.

    Users with read-only access to saved filters can load those filters into the Filter Wizard for use. If read access is set at the folder level, users cannot save new filters to that folder.

  • Read/Write: User or role has read/write access to the folder or filter.

    If the item is a filter, the user can save changes to the filter. If the item is a folder, the user can also save new filters to the folder, create subfolders, and delete and rename filters and folders.

Show in Explorer

Select this check box if you want the file to display in the Explorer task pane and other Explorer views of the file library (for example, Axiom Explorer, libraries displayed on the ribbon menu, and libraries displayed when saving files). This check box is selected by default when you assign an access level of read-only or higher.

If you clear this check box, and the user has read-only access or higher, the file does not display in Explorer views but they can still open the file if they have access to a feature that indirectly opens the file. This includes features such as custom drilling, GetDocument functions, and file shortcuts in task panes and ribbon tabs. The idea is that the user never needs to directly open the file from a folder structure but they need access to the file to use these other features.

If the user's access level is No Access, this setting is ignored.

Scheduler Jobs library

NOTE: Users must also have the Scheduled Jobs User permission (on the Permissions tab) to access any files in the Scheduler Jobs library.

IMPORTANT: Users do not have to have any file permissions to a Scheduler job in order to run that job by an event handler (for example, when using Run Event or Raise Event).

The following permissions can be set for files in the Scheduler Jobs library:

Option Description
Access

Select one of the following:

  • No Access: User or role cannot access the folder or file.

  • Read Only: User or role has read-only access to the folder or file.

    Users with read-only access to Scheduler jobs can open jobs and can manually run jobs, but cannot save changes. If read access is set at the folder level, users cannot save new jobs to that folder.

  • Read/Write: User or role has read/write access to the folder or file.

    If the item is a file, the user can save changes to the file. If the item is a folder, the user can also save new files to the folder, create subfolders, and delete and rename files and folders.

Show in Explorer

Select this check box if you want the file to display in the Explorer task pane and other Explorer views of the file library (for example, Axiom Explorer, libraries displayed on the ribbon menu, and libraries displayed when saving files). This check box is selected by default when you assign an access level of read-only or higher.

If you clear this check box, and the user has read-only access or higher, the file does not display in Explorer views but they can still open the file if they have access to a feature that indirectly opens the file. This includes features such as custom drilling, GetDocument functions, and file shortcuts in task panes and ribbon tabs. The idea is that the user never needs to directly open the file from a folder structure but they need access to the file to use these other features.

If the user's access level is No Access, this setting is ignored.

For example, you might clear this check box if a user needs to be able to open a Scheduler job from a shortcut in a task pane, but otherwise the user does not need to be able to browse to it in the Scheduler Jobs library.

Exports library

The following permissions can be set for files in the Exports library:

Option Description
Access

Select one of the following:

  • No Access: User or role cannot open the folder or file (however, they can execute the export, if they have the separate Execute permission).

  • Read Only: User or role has read-only access to the folder or file.

    Users with read-only access to exports can open export files to view the settings, but they cannot edit the settings.

  • Read/Write: User or role has read/write access to the folder or file.

    If the item is a file, the user can save changes to the file. If the item is a folder, the user can also save new files to the folder, create subfolders, and delete and rename files and folders.

    NOTE: Read/write access to the Exports Library does not allow the user to create exports. Export creation is controlled by the Administer Exports permission on the Permissions tab.
Execute

Select this check box to give the user execute permissions to the folder or file. Users with execute permissions can run the export.

NOTE: Table read permissions are honored for export packages. When the user runs the export, the user's permission to the table determines the eligible data to export. If the user does not have access to the table at all, no data is exported.

Show in Explorer

Select this check box if you want the file to display in the Explorer task pane and other Explorer views of the file library (such as Axiom Explorer, libraries displayed on the ribbon menu, and libraries displayed when saving files). This check box becomes selected by default when you assign an access level of Read Only or higher.

If this check box is cleared, and the user has Read Only access or higher, the file does not display in Explorer views but the user can still open the file if they have access to a feature that indirectly opens the file. This includes features such as custom drilling, GetDocument functions, and file shortcuts in task panes and ribbon tabs. The idea is that the user never needs to directly open the file from a folder structure, but the user needs access to the file in order to use these other features.

For example, you might clear this check box if a user needs to be able to run an export from a shortcut in a task pane, but otherwise the user does not need to be able to browse to it in the Exports library.

NOTE: If a user has Execute permissions but No Access to the export file, then you should select this check box if you want the export to display in the Export Library. When using this configuration, the user can double-click the file to open the Execute dialog only. If, however, the user will only execute the export from links in a task pane or other predefined links, then you can leave this option cleared.

NOTE: The export access permission and the execute permission are independent. A user can have no access to an export file but still be given execute permissions. Similarly, a user can have read/write access to the export settings, but not be able to execute it.

Imports library

The following permissions can be set for files in the Imports library:

Option Description
Access

Select one of the following:

  • No Access: User or role cannot access the folder or file (however, they can run the import if they have the separate Execute permission).

  • Read Only: User or role has read-only access to the folder or file.

    Users with read-only access to imports can open import files to view the settings, but they cannot edit the settings.

  • Read/Write: The user or role has read/write access to the folder or file.

    If the item is a file, the user can save changes to the file. If the item is a folder, the user can also save new files to the folder, create subfolders, and delete and rename files and folders.

    NOTE: Read/write access to the Imports library alone does not allow the user to create new imports. The user must also have the Administer Imports permission on the Permissions tab.
Execute

Select this check box to give the user execute permissions to the folder or file. Users with execute permissions can run the import.

NOTE: Table write permissions are ignored for import packages. If a user has execute rights to an import, the imported data is saved to the configured destination table, regardless of the user's write access to that table.

Show in Explorer

Select this check box if you want the file to display in the Explorer task pane and other Explorer views of the file library (for example, Axiom Explorer, libraries displayed on the ribbon menu, and libraries displayed when saving files). This check box is selected by default when you assign an access level of read-only or higher.

If you clear this check box, and the user has read-only access or higher, the file does not display in Explorer views but they can still open the file if they have access to a feature that indirectly opens the file. This includes features such as custom drilling, GetDocument functions, and file shortcuts in task panes and ribbon tabs. The idea is that the user never needs to directly open the file from a folder structure but they need access to the file to use these other features.

If the user's access level is No Access, this setting is ignored.

NOTE: If a user has Execute permissions but No Access to the import file, you should select this check box if you want the import to display in the Import library. When using this configuration, the user can double-click the file to open the Execute page only. If, however, the user only runs the import from links in a task pane or other predefined links, you can leave this option cleared.
NOTE:

  • The import access permission and the execute permission are independent. A user can have no access to an import file but still be given execute permissions. Similarly, a user can have read/write access to the import settings, but not be able to execute it.

  • The Import Errors folder is system-maintained and therefore does not display in this page. You cannot manually grant or deny access to this folder or the error files within it; access is automatically granted based on access to the import that generated the error.

  • If an import uses an Axiom database as its source, non-administrators cannot view or edit that import regardless of their access rights granted here. However, non-administrators can run the import if they have that permission.

Task Panes library

The following permissions can be set for files in the Task Panes Library:

Option Description
Access

Select one of the following:

  • No Access: User or role cannot access the folder or file.

  • Read Only: User or role has read-only access to the folder or file.

    Users with read-only access to task panes can view and use task panes but cannot save changes. If read access is set at the folder level, they cannot save new task panes to that folder.

  • Read/Write: User or role has read/write access to the folder or file.

    If the item is a file, the user can save changes to the file. If the item is a folder, the user can also save new files to the folder, create subfolders, and delete and rename files and folders.

    NOTE: Users must also have the Administer Task Panes permission (on the Permissions tab) to create or edit task panes.

Show in Explorer

Select this check box if you want the file to display in the Explorer task pane and other Explorer views of the file library (for example, Axiom Explorer, libraries displayed on the ribbon menu, and libraries displayed when saving files). This check box is selected by default when you assign an access level of read-only or higher.

If you clear this check box, and the user has read-only access or higher, the file does not display in Explorer views but they can still open the file if they have access to a feature that indirectly opens the file. This includes features such as custom drilling, GetDocument functions, and file shortcuts in task panes and ribbon tabs. The idea is that the user never needs to directly open the file from a folder structure but they need access to the file to use these other features.

If the user's access level is No Access, this setting is ignored.

For example, you might clear this check box if a user needs to open an associated task pane for a file but otherwise the user does not need to be able to open the task pane from the Task Panes library.
NOTE:

  • Task panes can contain shortcuts to various files and system features. The ability of a user to open a file or use a feature from the task pane depends on the user's permission for that file or feature.

  • Users do not need to have access permission to a task pane to open it at startup. If a user is assigned a task pane on the Startup tab of Security, it always opens as read-only at startup, regardless of the user's access permission.

  • By default, the Axiom ribbon tab does not contain any command to open task panes. If a user has rights to a file in the Task Panes library, in order to see and open this file manually, they must have access to either the Explorer task pane or the Axiom Explorer page, or you must include access to the task pane within another custom task pane or ribbon tab file that is assigned as a startup file to the user. For example, you might create a custom task pane that includes a link to the Task Panes Library, and if a user has file access rights to any task panes they could be launched from this location. Users only gain access to the Manage > Task Panes menu item if they have the Administer Task Panes security permission.

Ribbon Tabs library

The following permissions can be set for files in the Ribbon Tabs library:

Option Description
Access

Select one of the following:

  • No Access: User or role cannot access the folder or file.

  • Read Only: User or role has read-only access to the folder or file.

    Users with read-only access to task panes can view ribbon tab files but cannot save changes. If read access is set at the folder level, users cannot save new ribbon tab files to that folder.

  • Read/Write: User or role has read/write access to the folder or file.

    If the item is a file, the user can save changes to the file. If the item is a folder, the user can also save new files to the folder, create subfolders, and delete and rename files and folders.

    NOTE: Users must also have the Administer Task Panes permission (on the Permissions tab) to create or edit task panes.

Show in Explorer

Select this check box if you want the file to display in the Explorer task pane and other Explorer views of the file library (for example, Axiom Explorer, libraries displayed on the ribbon menu, and libraries displayed when saving files). This check box is selected by default when you assign an access level of read-only or higher.

If you clear this check box, and the user has read-only access or higher, the file does not display in Explorer views but they can still open the file if they have access to a feature that indirectly opens the file. This includes features such as custom drilling, GetDocument functions, and file shortcuts in task panes and ribbon tabs. The idea is that the user never needs to directly open the file from a folder structure but they need access to the file to use these other features.

If the user's access level is No Access, this setting is ignored.

This setting does not have much use for ribbon tab files because ribbon tabs are typically configured as startup files for users, and users do not need access permission to be able to open the file at startup.
NOTE:

  • Users do not need to have access permission to a ribbon tab to open it at startup. If a user is assigned a ribbon tab on the Startup tab of Security, it always opens as read-only at startup, regardless of the user's access permission.

  • In general, there is no need to grant users access to the Ribbon Tabs library unless the user needs to create and edit ribbon tabs. If a user opens a ribbon tab file directly from the Ribbon Tabs library, it always open in the editor, not in the application ribbon. There is no way to open a ribbon tab file on demand and have it display in the application ribbon.

Process Definition library

The following permissions can be set for files in the Process Definition library:

Option Description
Access

Select one of the following:

  • No Access: User or role cannot access the folder or file.

  • Read Only: User or role has read-only access to the folder or file.

    Users with read-only access to the file can open the process definition from the Explorer task pane and view the settings.

  • Read/Write: User or role has read/write access to the folder or file.

    If the item is a file, the user can save changes to the file. If the item is a folder, they can also save new files to the folder, create subfolders, and delete and rename files and folders.

    Users with read/write access cannot start or stop the process. They can only edit the process definition settings.

Show in Explorer

Select this check box if you want the file to display in the Explorer task pane and other Explorer views of the file library (for example, Axiom Explorer, libraries displayed on the ribbon menu, and libraries displayed when saving files). This check box is selected by default when you assign an access level of read-only or higher.

If you clear this check box, and the user has read-only access or higher, the file does not display in Explorer views but they can still open the file if they have access to a feature that indirectly opens the file. This includes features such as custom drilling, GetDocument functions, and file shortcuts in task panes and ribbon tabs. The idea is that the user never needs to directly open the file from a folder structure but they need access to the file to use these other features.

If the user's access level is No Access, this setting is ignored.

For example, you might clear this check box if a user needs to open a process definition from a shortcut in a task pane but otherwise the user does not need to be able to browse to it in the Process Definition library.

Data Diagrams library

The following permissions can be set for files in the Data Diagrams library:

Option Description
Access

Select one of the following:

  • No Access: User or role cannot access the folder or file.
  • Read Only: User or role has read-only access to the folder or file.

  • Read/Write: User or role has read/write access to the folder or file.

    If the item is a file, the user can save changes to the file. If the item is a folder, the user can also save new files to the folder, create subfolders, and delete and rename files and folders.

Show in Explorer

Select this check box if you want the file to display in the Explorer task pane and other Explorer views of the file library (for example, Axiom Explorer, libraries displayed on the ribbon menu, and libraries displayed when saving files). This check box is selected by default when you assign an access level of read-only or higher.

If you clear this check box, and the user has read-only access or higher, the file does not display in Explorer views but they can still open the file if they have access to a feature that indirectly opens the file. This includes features such as custom drilling, GetDocument functions, and file shortcuts in task panes and ribbon tabs. The idea is that the user never needs to directly open the file from a folder structure but they need access to the file to use these other features.

If the user's access level is No Access, this setting is ignored.

For example, you might clear this check box if a user needs to open a data diagram from a shortcut in a task pane but otherwise the user does not need to be able to browse to it in the Data Diagrams library.

File groups

The following permissions can be set for certain files and folders in file groups. Each file group is listed separately in this section, with subfolders for Templates, Drivers, Utilities, and Process Definitions.

NOTE: Permissions cannot be set at the file group level and inherited by the folders. Each folder must be configured separately.

Option Description
Access

Select one of the following:

  • Hidden: User or role cannot access the folder or file.

  • Read Only: User or role has read-only access to the folder or file.

    Users with read-only access to files can open and refresh those files but cannot save changes. If read access is set at the folder level, users cannot save new files to that folder.

  • Read/Write: User or role has read/write access to the folder or file.

    If the item is a file, the user can save changes to the file. If the item is a folder, the user can also save new files to the folder, create subfolders, and delete and rename files and folders.

Show in Explorer

Select this check box if you want the file to display in the Explorer task pane and other Explorer views of the file library (for example, Axiom Explorer, libraries displayed on the ribbon menu, and libraries displayed when saving files). This check box is selected by default when you assign an access level of read-only or higher.

If you clear this check box, and the user has read-only access or higher, the file does not display in Explorer views but they can still open the file if they have access to a feature that indirectly opens the file. This includes features such as custom drilling, GetDocument functions, and file shortcuts in task panes and ribbon tabs. The idea is that the user never needs to directly open the file from a folder structure but they need access to the file to use these other features.

If the user's access level is No Access, this setting is ignored.

For example, you might clear this check box if a user needs to open the file from a shortcut in a task pane but otherwise the user does not need to be able to browse to it in the Explorer task pane.

Allow Save Data

Select this check box if you want the user or role to be able to save data to the database for the folder or file. If a file is set up to use Save Type 1, 3, or 4, the user can save data to the database.

If this check box is not selected, the user cannot save data to the database from the report.

NOTE:

  • If a user has Read Only access and Allow Save Data, the user can save data to the database but not save changes to the file. Users with this combination of rights can save data from the file at any time, regardless of whether the file is locked to another user.

  • This permission is ignored for template files and does not apply to process definitions. Save-to-database processes do not run within file group templates.

Allow Unprotect

Select this check box if you want the user or role to be able to remove workbook and/or worksheet protection for this folder or file.

Users with this permission can use the Advanced > Protect options on the ribbon to remove workbook or worksheet protection from Axiom files.

IMPORTANT: If you enable this permission at the folder level, the user will be able to unprotect any file that they save to the folder (assuming that the user has read/write access to the folder).

NOTE:

  • This setting is ignored for users with the Remove Protection permission on the Permissions tab; those users can remove protection for any file.

  • This setting does not apply to process definitions.

Allow Sheet Assistant

Select this check box if you want the user or role to see the Sheet Assistant. Generally, you should only expose the Sheet Assistant if the user is expected to edit file settings, including Axiom query settings.

Enabling this permission also has the following impacts:

  • The user has access to the Control Sheet. If the Control Sheet is hidden in the document, the user can make it visible by double-clicking any field name in the Sheet Assistant.

  • If the user has read/write permission and the Sheet Assistant permission, they can enable forms for the file and can see the Form Assistant and Form Control Sheet.

  • The Drilling Control Sheet, if present in the file, is not hidden if the user has the Sheet Assistant permission.

  • The Data Source Assistant is also available if the Sheet Assistant.

If you do not select this check box, the user cannot see the Sheet Assistant or the other related items as previously described.

NOTE: This setting does not apply to process definitions. Also, control sheets are not hidden in template files.

Allow File Processing

Select this check box if you want the user or role to perform file processing on the file. If selected, the user has access to file processing features, including the File Processing button on the menu and the File Processing task pane. The related control sheets are also visible to the user.

If you do not select this check box, the user cannot perform file processing actions and cannot see the related menu items, task panes, or control sheets.

NOTE: This setting does not apply to process definitions.

File permission examples

The following examples use the Reports library, but the concept of folder inheritance applies to all files on the Files tab.

If a user has read/write access to the Reports library, they can access and save files anywhere in the library, unless a different level of access is explicitly set for a subfolder or a file. For example:

Subfolders and files inherit the rights defined for the parent folder unless permissions are explicitly set for the subfolder or file. When you select a subfolder or file in the folder tree, you can determine if it is inheriting permissions by whether the Configured permission check box is selected. If this check box is not selected, the folder or file is inheriting permissions, and you can view the inherited permissions in the Effective Permissions section.

NOTE: The Effective Permissions also take into account role inheritance and administrator rights (if applicable). Therefore, the subfolder or file might show a different level of permissions than its parent folder if it is inheriting from a role.

If rights are set at the library level, but you want to set a different level of rights for a specific folder or file, select Configured permission for that folder or file and define the preferred level of rights. In the following example, the user has read/write access to the Reports library, but no access to the Utilities subfolder.

If the user was assigned to a role that had access to the Utilities folder, they would be granted that level of access even though the folder is explicitly hidden from the user. Users are granted the highest level of file permissions allowed by their user rights and assigned roles. You cannot override role inheritance for report file access.

It is also possible to grant a user access to a file or folder, but hide that file/folder in the user's Explorer task pane and other Explorer views. In the following example, the Drilling subfolder contains drill target files. The user needs read-only access to the files in order to perform the drill but otherwise they never need to open the files directly or see the files in their Reports library. By clearing the Show in Explorer option, this folder and its files does not display to the user.