How to give a group execute permissions for only a single folder?

Hi,

I think, I don’t quite understand, how to set permissions on our server (v4.16).

Here is what I want:

  • Two groups (knime and admin), that are able to access every workflow group and workflow
  • One group (web), that can only execute workflows in a specific workflow group through the webportal
  • The default permissions for new items should be restrictive, i.e. new items should not be accessible by web. I don’t want to edit permissions everytime I add a new workflow or workflow group.

Those are pretty basic requirements, but I can’t get it to work.

I have configured the groups as described here, so web can only access the server through the webportal and not through the client. This works fine!

I tried to configure the permissions for the repository root like this:

I don’t want to give the the web group any permissions on the server root, because those settings seem to be used as default for any new items. However with this setup the web group can’t see anything in the webportal, regardless how I configure any other workflow groups or workflows.

Am I doing something wrong or is this simply not possible?

Thanks a lot.