Permissions Propagation/Permission Preservation Policy
On This Page
Overview
This feature allows the source permissions for folders and files to be transferred to the destination during job execution.
Permission Options
Preservation Policy
Permission preservation policy determines how you want permissions to be applied with your job execution(s). There are 3 options available:
Setting | API Parameter | Description |
|---|---|---|
Disable Preserve item Permissions | none | No permissions will be passed from source to destination. This is the default. |
Add Permissions | add | The current permissions existing on impending transfers (on files or folders) will be preserved as they are transferred on both the source and the destination. This is the recommended setting. |
Prefer the permissions on Source | diff | This will reconcile permissions with the source, which will remove permissions from the destination if they do not match the source. This will keep things in sync if the destination folder levels more permissions than the source. This is a good option for sync jobs that are constantly moving back and forth to keep everything as intended. |
Failure Policy
Permission failure policy determines what should happen with your job execution(s) should it encounter failures. There are 4 options available:
UI Setting | API Parameter | Description |
|---|---|---|
Transfer the item | none | Do not halt transfer of the item on permission failures. This is the recommended setting if you want to ensure content will transfer even if permissions are not applied due to warnings or failures. |
Do not Transfer the item | exceptions | This applies to platform exceptions only. Halt transfer of item (e.g. a folder's children) when there are platform exceptions while transferring permissions to the destination. This is the default. |
Do not Transfer the item | deny | Halt transfer of item when any deny or disinheritance permissions fail to transfer to the destination |
| all | Includes both "exceptions" and "deny" policies. |
SkySync will reevaluate permissions every time the content changes or a permissions reset is performed. This is applicable for both copy and synchronize job types. For example, if a new permission is added to a file but no other changes occur, SkySync will not apply this permission on subsequent runs. A permission reset will need to be performed.
REST API
Example JSON
{
"name":"Permission_Prop",
"kind": "transfer",
"transfer": {
"audit_level": "trace",
"transfer_type": "copy",
"permissions": {
"policy": "add",
"failures": "exceptions",
"import": {
"source": {
"text": {
["delimiter"]: ",", //optional, defaults to comma
"target": {
"path": "/skysync_permissions.csv"
}
}
},
"output": {
"format": "text"
}
}
},
"source": {
"connection": {
"id": "{{nfs_connection}}"
},
"target": {
"path":"/"
}
},
"destination": {
"connection": {
"id": "{{cloud_connection}}"
},
"target": {
"path": "/proptest1"
}
}
},
"schedule": {
"mode": "manual"
}
}
Legacy Setting
You can still use "permissions": "add" or "permissions": {...} and "permissions_import": { ... } separately if you do not want to specify a failure policy or want to set import and policy separately. They will, however, be returned together under "permissions" when getting the transfer job details (e.g. fields=all or fields=transfer.permissions).
{
"name":"Permission_Prop",
"kind": "transfer",
"transfer": {
"audit_level": "trace",
"transfer_type": "copy",
"permissions": "add",
"permissions_import": {
"source": {
"text": {
["delimiter"]: ",", //optional, defaults to comma
"target": {
"path": "/skysync_permissions.csv"
}
}
},
"output": {
"format": "text"
}
},
"source": {
"connection": {
"id": "{{nfs_connection}}"
},
"target": {
"path":"/"
}
},
"destination": {
"connection": {
"id": "{{cloud_connection}}"
},
"target": {
"path": "/proptest1"
}
}
},
"schedule": {
"mode": "manual"
}
}