2023:Permission Sets

From Grooper Wiki
Revision as of 09:14, 20 March 2023 by Rpatton (talk | contribs)
WIP

This article is a work-in-progress or created as a placeholder for testing purposes. This article is subject to change and/or expansion. It may be incomplete, inaccurate, or stop abruptly.

This tag will be removed upon draft completion.

Add Permission Sets to Grooper 2023

In this article we will show you how to add and update permission sets to access different areas of a repository in Grooper 2023.

New Functionality in 2023: Not only can you now restrict access to certain areas of a repository, you can now restrict what actions individuals can take while working in Grooper!

About

There may be times where you do not want everyone to have full access to your Grooper repository. After putting in hours of work into customizing your repository design for your company needs, you do not necessarily want someone without training being able to edit your work.

You may have some employees that design the repository and you may have others that simply review the extracted data. Each employee that works with Grooper may have different needs and require different restrictions. With permission sets you can customize who has access to which part of the repository you are working on.

You can also restrict what actions an individual can take while working in Grooper. If you want to avoid someone accidentally deleting a batch or clicking cut instead of copy, you can restrict those actions.

Adding Permission Sets

There are two parts to configuring permission sets: granting/restricting page access and granting/restricting permissions.

Page Access

The first part of configuring permission sets is configuring what groups can have access to which pages in Grooper. By default, everyone has access to every page in your repository. For example, if you would like users to only have access to the "Batches" and "Tasks" pages, we can do that here.

  1. Open Grooper and click on the "Design" icon.

  2. Make sure the repository root node is selected and click on the "Root" tab if not already selected.
  3. Click the ellipsis button at the end of the Permission Sets property.

  2. Once the Permission Sets window opens, click the plus sign button in the top righthand corner to add a new permission set.
  3. On the right side of the window, you will have a set of options to choose from.

  2. To the right of Name enter the name you wish to give to this permission set. In this example we are going to use the name "Reviewer".
  3. Click the ellipsis button to the right of the Applies To property.

  2. In the window that pops up, search for the group you wish this permission set to apply to.
  3. If you want to assign Permission Sets to individual people, first click the person icon above "Description" to switch to a list of individuals rather than groups.

  2. Double click the group or individual you want to assign to the permission set. You can add multiple at one time.
  3. Click "OK".

  2. On the Permission Sets window, click the arrow to the left of the Page Access property to open up another set of properties.
  3. Add a check mark next to each item you wish the groups or individuals to have access to.
  4. Click "OK".

  2. Now that we have restricted the pages we wish the "Users" group to have access to, take a look at the next tab to learn how to restrict what "Users" can do in those pages. If you do not wish to edit permissions, just click "OK" on the Permissions Sets window and click the save icon.


Please note that any user browsing the web client has their permission sets cached for their current session. If you change their accessibility in the permission sets, they will not see those changes take place until they are logged out of the current session.

After saving your Permission Sets in the Grooper web client, as best practice to eliminate any security risks by recycling the app pool in IIS. This will force them to log out of their current session.

Permissions

  1. At the bottom of the properties list on the right, there are three sets of permissions you can apply to the selected Permission Set:
    • Node Permissions
    • Attachment Permissions
    • Link Permissions

  2. Click on the ellipsis button to the right of the property. For this example we are going to configure the Node Permissions.

  2. In the window that pops up, you will see multiple options. Here we have three: Batch, Batch Folder, and Batch Page.

  2. Select the type of permissions you wish to configure. In this example we are going to select Batch.
  3. On the right side of the window, click the arrow next to Command States to open the list of different individual permissions you can set.
    • By default, all of the permissions are selected. If you wish to restrict permission to perform a specific action, just uncheck the box next to the action.

  2. In this example, we are going to prevent anyone with the User permission set from deleting batches. Scroll through the Command States until you find the "Delete" command and uncheck the box to the right of the command.
  3. Click "OK" to save your work and close the window.

  2. Click "OK" to close the Permission Sets window.

  2. Click the save icon to save the configured Permission Sets.


Please note that any user browsing the web client has their permission sets cached for their current session. If you change their accessibility in the permission sets, they will not see those changes take place until they are logged out of the current session.

After saving your Permission Sets in the Grooper web client, as best practice to eliminate any security risks by recycling the app pool in IIS. This will force them to log out of their current session.

Click here to return to the top of the section

Retrieved from "https://wiki.grooper.com/index.php?title=2023:Permission_Sets&oldid=11544"