Read and file permissions
There are two additional permissions that are not set using the Define Roles tool. These additional two permissions are:
File a record
Read a record
The permission to file a record is actually a superset of the permission to read a record. That is, if you can file a record, you can also read a record.
The Records Management administrator, by default, automatically has the permission to file a record included as part of the role for the administrator. This permission is not available for edit from the Define Roles tool, so it can't be removed from the administrator role, at least from the user interface.
Since the administrator role is applied at the root node of the File Plan, by default, all users in the administrator role will have complete rights to both file and read all parts of the File Plan. Because these permissions aren't exposed via the Define Roles tool, no other role can have these access control permissions automatically applied at the File Plan root.
Within...
