Enable 'Deny' Permissions in addition to 'Allow'
Sometimes it's easier to mark certain notes and folders as unavailable to specific members, rather than make them 'available' to everyone else.
This would be especially useful in nested folders where when a folder is created, permissions are inherited.
In the current scheme, if I have restricted folders inside a public folder I have to allow all members to acces the parent, and allow only specific ones to the private ones. However, if I create a new restricted folder it creates it with the default parent permissions (public) insted of defaulting to private, which could create confidentiality problems if contributors are not careful.
Our current workaround is to only have private folders as root folders to ensure no one makes a mistake.