No.  Waterfall permissions would give them access to all subfolders.  You need to provide users with collaboration privileges for each of the individual subfolders you want them to access and not the parent folder.  

Hi Chris, thanks, that’s what I have found when trying to get the User permissions right.

My problem is that if I give direct sub-folder access, then the folder hierarchy system falls apart. 

If a user has access to only select sub-folders, but not the entire parent folder, then all of the sub-folders just appear unorganized for the User.

Is there any way to maintain the folder hierarchy structure and limit access to specific sub-folders within the total structure?

Ok.  Understood.  Short answer - yes you can do it.  But it will take some work.

I provide that same type of access to my users via the Salesforce integration.  Collaboration is granted via API’s in the managed package.  What you need to provide them is the “can_view_path” collaboration privilege.

I don’t have any experience in implementing it through Box itself, only via Salesforce.  I know it can be accomplished via Box CLI - but I assume the manual ongoing maintenance of these collaboration settings is not something you want to take on so it warrants a more automated solution.  With that in mind - I will defer to another community member to hopefully provide further help on this.