Need help for setup: Access Rights

Matthias Bachler April 4, 2013

Dear all,

we have decided to switch our 10 user starter licence to 50 or more,

but before we can proceed I need to know how it would be possible to setup access rights.

what we want / our "Problem"

we have different people from different locations who will be working in the system.

those system might be combined in few spaces (like tutorials) but be restricted for others (like financial results etc.)

so the question is how to setup the users in groups so we don't need to create like 1000x of groups

detail example

in our office in thailand we would have abt 3 users,

"edit" / "view" / "admin"

those would be groups.

but we won't need those only for thailand but also for other locations,

where only the location itself should be able to view / edit their information.

meaning we would setup a user with following groups: location / role / 2nd role (etc)

is it possible to check if a user has both groups to access a space / page?

or do I need to setup groups like (thailand_sales_edit) (china_bookkeeping_view) etc... ?

also open for other idears.

thank you and best regards,

Matt

2 answers

1 accepted

4 votes
Answer accepted
Ryan Goodwin
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 8, 2013

You could set up an ldap system that uses nested groups. We have documentation describing this. I believe this to be the solution to your needs as nested groups inherit the permissions of their 'parent groups'.

https://confluence.atlassian.com/display/DOC/Managing+Nested+Groups

Hope this helps!

2 votes
JohnA
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 4, 2013

Hi Matt,

I'm sorry to say that permissions checks don't cascade so permissions checks will only check against one group, but you don't necessarilly need to configure so many groups if you can have a bookkeeping group and have all the members from every office who need those permissions. However, you will probably find that grouping as you are describing helps with user management in the longer term, even if it does require more groups.

All the best,
John

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events