For efficiency, it would be beneficial to have the ability to cascade application permissions from the App Folder level. Currently, permissions are only available to be configured on an app by app basis. When we have a series of applications under an App Folder, we have to to to each individually to assign permissions.
Additionally, having the ability to group users into a “group” in the platform and assign permissions to applications based on a group, instead of a individual user basis would also be beneficial.
Hi John, I am a product manager that is working on permissions. These are great ideas! Question for you- can you give concrete examples of the sorts of folders that you want to use that would have default permissions? I am thinking through the best places to apply permissions.
Hi Kevin, thanks for the response!
When it comes to default permissions, I think that it is fine that the current settings on applications is the “Everyone” are Owners as long as the creator of the application is aware of this default setting and anyone that has the permissions to modify applications, has the opportunity to do so.
Where our organization struggles is in the fact that we utilize a central development instance. This means that many users are in the environment and have a role that allows them to modify applications. If we do not update the permissions on the applications we are building, there is an opportunity for someone to modify them.
That being said, we categorize our applications into App Folders based on teams, sites, projects, etc. These App Folders may have numerous applications under them that should all have the same permissions. Instead of applying the permissions to each and every individual application, it would be easier to do it based on the App Folder level. Something similar to Windows File and Folder Level permissions would be ideal where settings could propagate and be modified individually application by application if needed.
And as mentioned before, the icing on the cake would be if we could create custom groups (basically security groups) with the users in the platform and grant the group permissions to the App Folders and Applications instead of on an individual user basis as it is now.
Happy to collaborate and discuss more if needed!
Makes a lot of sense. Thanks for this. User Groups is a high priority for us. Will think more on the right level of abstraction for permissions- definitely agreed that content has certain “themes” and based on the theme, you should know which permissions will be assigned to it.