A steel structure repaired component archive anyone with link checklist helps EPC teams find a specific access-control risk: repair records are not fully public on a website, but the archive folder, evidence package, or transmittal attachment can be opened by anyone who receives the link. That setting is convenient during review, but it is often too open for final repaired component archives.
This checklist is for buyer-side document controllers, quality teams, engineering reviewers, and site handover teams who need to keep final repair records retrievable without leaving repair photos, NCR closeout evidence, engineering dispositions, or internal comments open to uncontrolled users.
1. Confirm where anyone-with-link sharing is enabled
Do not assume the setting appears only on the final archive folder. Anyone-with-link access may be inherited from a parent folder, copied from a temporary review workspace, or embedded in a transmittal link.
- Check the final repaired component archive folder and each major subfolder.
- Check parent folder inheritance for quality, engineering, site, and handover areas.
- Check evidence package links included in transmittals, comments, issue logs, and closeout trackers.
- Check repair photo folders, NCR folders, engineering disposition files, and acceptance records separately.
- Check whether old review links still open after folder migration or final handover.
For broader link discovery, use the archive public link exposure checklist.
2. Separate temporary review access from final archive access
Anyone-with-link access may be acceptable for a short review window if the project rules allow it. It should not become the default access method for final archive records. EPC teams should distinguish working review links from controlled final archive links.
| Access situation | Recommended control |
|---|---|
| Temporary comment review | Use short expiry, named owner, and a defined closure date. |
| Final owner handover archive | Use named owner accounts or approved owner groups, not open link access. |
| Restricted engineering disposition | Limit access to approved engineering and quality reviewers. |
| Repair photos for accepted work | Allow retrieval through controlled archive roles and final indexes. |
| Internal draft comments | Remove from final archive or restrict to internal project roles. |
For expiry logic, use the archive link expiry checklist.
3. Check permission inheritance before changing links
Many access problems are caused by inherited settings. A document controller may remove anyone-with-link access from one file while the parent folder still grants broad access. Review inheritance before declaring the archive corrected.
- Identify whether the file, subfolder, or parent folder controls the sharing setting.
- Check whether repaired component evidence inherits access from a general quality folder.
- Check whether site teams copied repair evidence into a more open handover folder.
- Confirm whether breaking inheritance will remove access needed by approved owner users.
- Record any folder-level exception that remains open for a defined handover reason.
For permission review, use the archive permission review checklist.
4. Replace anyone-with-link access with role access
The safest correction is not simply to turn off the link. First create the correct controlled access route, then test it, and only then disable the open setting. Otherwise, the archive may become secure but unusable for the owner or site team.
- Create role-based access for owner handover, quality review, site closeout, and engineering records.
- Use named users or approved groups instead of anonymous link access.
- Keep restricted dispositions separate from general final evidence if the same audience should not see both.
- Update archive indexes so users do not continue relying on the old open link.
- Disable the anyone-with-link setting after controlled access is tested.
For role design, use the archive access control checklist.
5. Retest anonymous, expired, and approved users
Access correction is not complete until it is tested from different user positions. The old anyone-with-link path should fail for anonymous or unapproved users, while approved archive users should still retrieve the final record.
| Retest user | Expected result |
|---|---|
| Anonymous user with copied link | Access denied or expired. |
| Expired project reviewer | Access denied unless a current role still applies. |
| Owner handover user | Final accepted repair records open through controlled archive access. |
| Engineering reviewer | Restricted technical records open only through approved reviewer access. |
| Site closeout user | Only the site-relevant final records open. |
For access testing, use the archive access retest checklist.
6. Log every anyone-with-link correction
A corrected access setting should leave a traceable record. This helps future reviewers understand why a public or open link no longer works and where the final controlled record is now stored.
- Record the original link, source document, component mark, repair number, and file type.
- Record whether the setting was inherited, manually created, copied, or migrated.
- Record the replacement controlled route, role group, owner, and approval date.
- Record the date the anyone-with-link setting was disabled or expired.
- Attach retest evidence for denied anonymous access and successful approved access.
For traceability, use the repaired component audit trail checklist.
7. Prevent anyone-with-link settings from returning
Open sharing often returns when teams rush to solve a comment deadline, replace a broken link, or support a remote handover review. The final archive process should define when this setting is allowed and when it must be removed.
- Require a named owner and expiry date before anyone-with-link access is used.
- Review anyone-with-link settings before final archive acceptance.
- Block inherited open access from temporary review folders into final handover folders.
- Train teams not to paste open links into final archive indexes.
- Run a permission review after major folder migration, owner handover, or account closure.
For migration checks, use the archive link migration checklist.
Final anyone-with-link checklist
Before accepting a repaired component archive, confirm:
- Final archive folders, subfolders, evidence packages, and transmittal links were reviewed.
- Temporary review links were separated from final archive access routes.
- Inherited folder permissions were checked before correction.
- Anyone-with-link access was replaced with named users or approved role groups.
- Anonymous, expired, owner, engineering, and site users were retested.
- The old open link was disabled, expired, or documented as a controlled exception.
- The replacement route, approval, and retest result were logged in the archive record.
Red flags in anyone-with-link archive access
- Final archive indexes point to anyone-with-link URLs.
- Repair photos and NCR closeout files open without a named user account.
- Engineering dispositions are stored in the same open folder as general handover evidence.
- Open access is inherited from a parent review folder.
- Old review links still open after final archive migration.
- No retest proves that anonymous access is denied after correction.
Buyer note: Anyone-with-link access should be treated as a temporary review method, not a final archive method. EPC buyers should require discovery, classification, controlled replacement, user retesting, and a correction log before accepting repaired component archive records.