Users can post Content to Chatter without "Manage library" or "Attach or Share Content" library permissions
|Knowledge Article Number||000228155|
|Description||The ability for users to share Content via a Chatter post is set first via the user's assigned library permissions where the Content is stored.
Users can search, view, select and attach Content in any library they are a member of via the Attach a File to a Post or Comment action. However, if the user does not have either the "Manage Library" or "Attach or Share Content" library permissions where the Content currently resides, they will encounter the following error when they attempt to actually post to Chatter via the Share button:
"You don't have permission to share this file."
If a user is able to post Content to Chatter despite not having the required library permissions, it's likely that said Content has been previously posted to Chatter by another user who does have the necessary library permissions which resulted in the Content being shared to your company or in a private group where the user is a member for example.
|Resolution||The permission for a user to post Content to Chatter may be extended or implied via their access to a previous post containing the Content.
To see if the ability to post Content to Chatter is being implicitly granted by a previous post, review the Content's related Chatter File page's "Shared With" details. Locate the Content's corresponding Chatter File record by searching for the Content's title in the File's Tab. See Search for Files for more details.
If the file is shared to a Chatter group where the user is a member, shared directly to the user, or shows as shared with "Your Company" the user will be able to implicitly share the content elsewhere in Chatter despite not having the library permissions to do so. A user with Viewer permission on a Chatter File page's Sharing Settings can find, view, download, and share the content file regardless of the content's library member permissions.
To prevent further sharing of a piece of Content via Chatter and outside of the security controls established by its library's permissions, an administrator must revoke Chatter File sharing via the "Show All" link in the Shared With section of the Content's individual Chatter File's detail page:
1. Click "Restrict access" to automatically remove the Content file from all existing Chatter posts:
"This file belongs to one or more libraries. Restricting access to this file will remove it from all other locations. You can manage your library permissions from within Salesforce Content."
2. Click the "Viewers" dropdown link in the Permissions column for the "Any user in your company" entry and select "No Access" to Stop Sharing:
"Are you sure you want to stop sharing the Content Name file with your company?
Removing the company share also removes shares with public groups and posts on public profiles."
Note: This action will not revoke a user's ability to re-share a Content file if the file is shared in a private group where the user is currently a member.
3. Click the X icon to the right of the sharing entries for groups or individual users to remove the content file from posts:
"Are you sure you want to stop sharing the Content Name file with User Name or Group Name?"
When removing sharing via the Content's related Chatter File page the actual Chatter feed entry or post remains intact however, the content itself is removed from the post's body and replaced with a message reading, "The file is no longer available."
Once all sharing has been revoked for the Content's Chatter File the user's library permissions to share Content via Chatter will once again control their ability to post the Content to Chatter.
To delete the actual Chatter post containing that contained the Content/Chatter File, administrators can locate the posts by Searching in Chatter for the Content's title to view the individual chatter posts and manually manage them.
Viewing Where a File is Shared
Searching for Files to Attach to a Chatter Feed