Simplified Admin access and permissions
J
John Borsdorf
I am the admin of our workspace and was asked to add an individual to a protected project. Currently the system is blocking me from doing this. I would have expected that Admins had full capability to make these changes.
Log In
Jazmin Taheri
Merged in a post:
Spot to Switch License Type Directly On User Groups Page
A
Ashley Churchill
Jazmin Taheri
Merged in a post:
Set user groups to 'No Access' .
A
Alex DeWitt
We have projects which everyone can see and others that are only suitable for a few people to view (e.g. an external client logging in). We might have to retrospectively go back over dozens of existing projects and set them all to 'no access' for this external client group, so it would be ideal to be able to somehow manage permissions like this in bulk across many projects.
Pat Barlow
Hello Alex DeWitt! I have a few more questions for you:
- Can you provide more details on how you currently manage project permissions and what challenges you face?
- What is the average number of projects that you would need to change permissions for at a time?
- Could you elaborate on the different types of user groups you have and their typical access needs?
A
Alex DeWitt
Pat Barlow
- We have only just encountered this issue with some sensitive projects with interviews where employees may reveal sensitive/explosive things about the company and we want to lock down those projects to limited people - that has been fairly easy.
However, we have also had a request from a client team to have access to projects relating to their client. In this case they should only be allowed to see the few projects relating to them, but not other projects. This seems virtually impossible to implement with the current functionality, as for each of our 125 projects we would have to manually set the workspace to 'no access' and then add back in 20-126 users who are allowed access. What we think we want to do instead is set a specific user group to default to no access and then grant access to the couple of projects relevant to them.
- As per the description above, we'd need to set this for around 125 projects
- A summary of point 1, it would only be 2- 3 different user groups who have limited permission (should not see every project but only those relevant to them). We want all other projects to be open to all users (126 and counting).
A
Alex DeWitt
Pat Barlow we've also just had a request for another division of our company to join our workspace - their work and ours is quite different so would need to be separated by permissions. If they joined we'd have to retrospectively deny them access to all 125 existing projects
H
Haley Fiorentino
Hi there, I'd like to add some additional feedback and suggestion to this topic. When managing groups, it can be cumbersome to go through each project and folder to ensure that each group has the right permissions. As one of my clients is working through this, they are updating permissions across their workspace and thereby sending out lots of emails. It would be helpful if, when going to share a folder or project, the "sharer" is asked if they would like to notify the people in the group.
Pat Barlow
Thanks for raising this John Borsdorf! This is an intentional decision to ensure that private projects and folders can only be accessed by those who have been granted explicit access. Users with an admin role are still subject to the same access controls and cannot bypass them to gain access to a private project.
We may look into the possibility for Admins to be able to see that there are projects that they don't have access to, but they won't be able to access every project by default.
J
John Borsdorf
Pat Barlow Thank you for the feedback. I understand the concern. The issue we run into is the users are not knowledgable in the access management for the projects and personnel. Often the managers of the project will come to the admins to request access changes, which the admins are unable to complete. The admins then have to continually coach the project managers how to do the access updates since they don't do it on a regular basis. The other issue is when the project owners leave the company there is no way correct it without going directly to the Dovetail team.
A
Angie Ferraro
Plus 1, I have this issue often
Pat Barlow
Thanks Angie 😊
This is one of those requests that we will need to look at more deeply, as we need to ensure that users who have explicitly created private projects can trust that the data being uploaded is secure and can only be accessed by those who have been granted explicit access 😓