Hi, I’m part of an IT company and one of our clients has been using Box since before we started managing them. We’ve been trying to handle an issue with the permissions and so far, we haven’t been able to find a good solution. Box support was not helpful, and I spent some time learning the CLI, but I’m still struggling to figure anything out. Anyways, here is the problem:

The file structure that they have set up does not work with the way Box handles permissions. The situation is they have a folder titled “Human Resources”. In this folder there is an “Employees” folder and each employee of the company has their own subfolder. Within each employee’s folder, there are two subfolders. One of these subfolders is called “Confidential” and should only be accessed by HR. The other subfolder is “Personnel” and should be accessed by HR and Accounting.

Since Box forces their waterfall/inheritance permissions model, we are not able to make this work. If we give read access for Accounting to the “Employees” folder, they get read access to the “Confidential” folders for each employee as well. If I only give Accounting access to the “Personnel” folder for each employee, they will just see hundreds of folders titled “Personnel” with no idea who they belong to.

The only solution we have been able to come up with so far is to completely restructure the Human Resources folder by creating “Confidential” and “Personnel” folders, each containing a folder for every employee. This is not ideal since it would cause confusion for the client and with the size of the company, we would probably have to hire someone to write a script to complete this task. This is assuming that something like this could be completed with CLI and PS scripts.

Is this the only solution, or is there something we are missing? Thanks in advance for the help!