Document's SystemID = THING in Security Table
Check what users have access to a document (use docuemtn's SystemID or THING in Docsadm.secuirty table)
select S.THING,S.PERSONORGROUP,S.ACCESSRIGHTS,P.USER_ID,P.FULL_NAME,G.GROUP_ID,P2.USER_ID,P2.FULL_NAME from DOCSADM.SECURITY S left join DOCSADM.PEOPLE P on S.PERSONORGROUP = P.SYSTEM_ID left join DOCSADM.GROUPS G on S.PERSONORGROUP = G.SYSTEM_ID left join DOCSADM.PEOPLEGROUPS PG on G.SYSTEM_ID = PG.GROUPS_SYSTEM_ID left join DOCSADM.PEOPLE P2 on PG.PEOPLE_SYSTEM_ID = P2.SYSTEM_ID where S.THING = 45029530 Check what documents and access associated with a client (use client's client_id, not the system_id) select p.system_id, p.docnumber, m.system_id, m.matter_id, c.system_id, c.client_id, s.accessrights, s.personorgroup from docsadm.profile p join docsadm.matter m on p.matter = m.system_id join docsadm.client c on m.client_id = c.system_id join docsadm.security s on s.thing = p.system_id where c.client_id = '2823440' DM5 DM5 Security Queries declare @client varchar(12) declare @matter varchar(12) declare @groupID varchar(40) declare @secGroupID varchar(40) set @client = '0001' --CHANGE CLIENT NUMBER HERE set @matter = '' --CHANGE MATTER NUMBER HERE set @groupId = 'ZZINT_'+@client+'_'+@matter --Users in group select p.user_id, p.full_name, g.group_id, g.group_name, g.disabled, g.SYSTEM_ID from docsadm.people p join docsadm.peoplegroups pg on pg.people_system_id = p.system_id join docsadm.groups g on g.system_id = pg.groups_system_id where g.group_id = @groupID --Security group ID; select @secGroupID = g.system_id from docsadm.people p join docsadm.peoplegroups pg on pg.people_system_id = p.system_id join docsadm.groups g on g.system_id = pg.groups_system_id where g.group_id = @groupID --documents being secured SELECT p.last_edit_date, p.docnumber, p.docname, p1.full_name as Author, s.accessrights as 'AccessRights(2147....=Deny, 255 = grant)',c.client_id, m.matter_id FROM docsadm.profile p JOIN docsadm.matter m on p.matter = m.system_id JOIN docsadm.client c on m.client_id = c.system_id JOIN docsadm.security s on s.thing = p.system_id join docsadm.people p1 on p.author = p1.system_Id WHERE s.personorgroup = @secGroupID --For inclusionary walls, verify that *only* ZZINT groups appear select distinct g.GROUP_ID, p.USER_ID from docsadm.security s left join docsadm.GROUPS g on g.SYSTEM_ID = s.PERSONORGROUP left join docsadm.PEOPLE p on p.SYSTEM_ID = s.PERSONORGROUP where thing in ( SELECT p.system_id from docsadm.profile p join docsadm.matter m on m.system_id = p.matter join docsadm.client c on c.system_id = m.client_id WHERE c.client_id = @client and m.matter_id = @matter --remove this part of where clause if wall is client level (comment out 'and m.matter_id = @matter') ) --select documents and users given access to specific matter (in this example matter 2001) declare @Matter varchar (12) set @Matter = '2001' select M.MATTER_ID, M.MATTER_NAME, P.DOCNAME, case ACCESSRIGHTS when '255' then 'yes'else 'no' end "accessrights", S.PERSONORGROUP, G.GROUP_NAME, G.GROUP_ID, PE.USER_ID from DOCSADM.MATTER M join DOCSADM.PROFILE P on M.MATTER_ID = P.MATTER join DOCSADM.SECURITY S on P.SYSTEM_ID = S.THING join DOCSADM.GROUPS G on S.PERSONORGROUP = G.SYSTEM_ID join DOCSADM.PEOPLEGROUPS PG on G.SYSTEM_ID = PG.GROUPS_SYSTEM_ID join DOCSADM.PEOPLE PE on PG.PEOPLE_SYSTEM_ID = PE.SYSTEM_ID where m.MATTER_ID = @Matter