Resources has a lot of flexibility when it comes to permissions. For one thing, users don't have to be admins in order to work with it! This article explains several scenarios in which different types of users are granted Resources permissions with varied results.
Example 1: Limited admins
Admin groups with Resources permissions have access to all folders and galleries, but there are still ways to limit these permissions. In the Permissions section of Resources, there are three levels of rights: Admin; View, Edit & Upload; and Not Allowed. Any admin group with "Composer" checked off in Admin Users will appear on this permissions list.
If you have an admin group that you don't want to be able to access certain folders at all, the best option on the Permissions tab is "Not Allowed." From there, you can still grant permissions upwards on a folder-by-folder basis. The same way you gave a constituent group folder rights in the first example, you can choose an admin group from that dropdown list. Expand the "Site Administrators" dropdown on the "Select a Group" list.
To grant lesser permissions on a global level, choose the "View, Edit & Upload" option. This will only give admins access to the "Resources" and "Galleries" tabs. These users won't be able to view the Deleted Resources section or grant permissions to other users.
Example 2: Parent contributors
Crowdsourcing event photos has never been easier with Resources! Simply give your parent group access to their own folder(s). First, you'll want to create a group in Group Manager with all the constituents you want to be able to upload and edit photos in a particular folder. (You can also grant access to individual constituents, but it's best to use a group if you're offering permissions to more than a handful of users.)
Then, go to the Resources section of Resources and find or create your folder. On the three-dot Action Menu next to the folder, select "Settings." Choose the "Permissions" tab. Click "Select Group," and then choose the group from the list. The group will be added to the Permissions screen. Finally, choose the permission level from the dropdown list next to the group. "View, Edit, Delete all folder contents" means they'll be able to see the folder, upload and edit files, and delete from the folder. They won't be able to delete the folder or access any other area of Resources.
Example 3: Constituent admins
Once you have set up a folder for your parent contributors, an admin or another constituent with higher permissions can review the photos and choose the best ones to add to a gallery and display on the website. If your reviewer is an admin user, they already have permissions for all the galleries and you won't need to do anything else. However, you can also grant admin-level permissions to a constituent or constituents who can manage the folder and the gallery without an admin user account.
First, give the reviewer(s) permissions to the folder the same way you did in example 1. Instead of "Select Group," though, type the person's name in the field to search for them in Constituent Manager. You may also want to choose "Admin" from the dropdown menu, which will give them rights to add other people to the folder and change permissions levels.
Then, go to Galleries and find or create the gallery you want resources from that folder to feed into. From the three-dot Action Menu, choose "Permissions." Type in the constituent's name or select a group, then choose the desired permissions level from the dropdown. The reviewer(s) can now add files from the folder to the gallery.
Finally, you can set the gallery to display in a Resource element in Composer. Whatever is currently in the gallery will be shown in the element, so the gallery admin has the ability to continually refresh content on a website page without ever touching the admin side of the site!