Submit Your Suggestions for Viewpoint Team

Need Customizable Security Groups or Add More

Currently if we have Field Engineers entering Submittals and RFIs, they have to be given Project Editor access.  This then allows them to make modifications in the Documents module.  We have legal documents that we only want to give to the PMs and/or Owners so there is no way to disallow these types of users from accessing them.  Since these users are Project Editors, they see ALL the folders no matter what the permissions are on them.

 

We also have the need for a Read-Only Security that gives a user access to everything in their Projects but in a read-only state.  This would benefit some Owners and our internal Executives.  

  • Mercedes Green
  • Jan 31 2018
  • Planned
Company Skygrid
Job Title / Role
I need it... 3 months
  • Attach files
  • Mary R commented
    February 21, 2018 00:26

    I think you can set security in the Documents per user.

    Have you tried setting up owners up as Reviewers? In my testing this allows them to see things but not comment or really interact with records, just see them if they are public.

    Am I incorrect in these conclusions? I'm curious whether I'm missing something.

  • Admin
    Josh Wright commented
    February 23, 2018 19:59

    We definitely agree we need both more granular (folder level) security in Documents as well as the ability to apply that by group.

    We're planning to work through designs for more elaborate permission controls in mid-March.  We'll reach out to those on this suggestion for feedback.  

    Generally we see this (for documents specifically) as a pivot from roles being inherited from your project role to being folder level roles.  So you can be a reviewer on one folder and an editor on another folder.  

    Then we'll add the ability to have groups of users that you can add to a folder rather than having to add every individual user. 

    Also considering that maybe 'Project Editors' shouldn't have access to every folder necessarily, but moving that up to 'Project Admins'.  Would be interested in input on this one in particular.  

  • Max Brown commented
    February 23, 2018 20:12

    Really looking forward to that Josh. This is a make it or break it feature for our organization. I would really encourage you to visit your Viewpoint for Projects (VFP) platform. Security there was really set up well. Enterprise admins had the ability to create security groups and then use a project template to create security groups per project. Also, the parent and child folder security is more practical than the current team structure. A user could be granted security group specific access to each child folder, independent of the parent folder permissions. This is very helpful because it allows for a logical grouping rather than a grouping dictated by security measures.

  • Admin
    Josh Wright commented
    February 23, 2018 20:27

    Max, there are definitely some things from VFP we want to bring over.   Team is being built ground up, and one of our key tenants is simplicity/ease of use.  So we're started rather simply and are being very thoughtful in how we add complex items to Team (like hierarchal security) without over complicating the system.

    That being said, you can already control users security at whatever level folder you'd like. You can add a user to the 3rd level deep and they wouldn't be able to see any items in the parent folder.  However you can't override their security, so if you add them to a top level folder, you (currently) won't be able to over-ride that inheritance down below.  

    We're working on a couple things to make this a bit more obvious, in the near term.  But today if you can edit a child folder by selecting it in the grid (while you are in it's parent folder) and choosing edit from the ... menu.   From there you can add users who you only want to have access to that folder and not the parent.

  • Mercedes Green commented
    February 23, 2018 20:31

    Hi Mary,


    Unfortunately having our Owners as Project Reviewers works with Documents but doesn't give them access to see any Submittals or RFIs unless we CC them on everything and they did not want to be inundated with hundreds of emails.  

  • Max Brown commented
    February 23, 2018 20:34

    I understand your approach. And simplicity is always a plus. I am confident that you and your team are making efforts to strike the difficult balance of simplicity and functionality. To my understanding, parent folder permission is necessary to view a child folder. However, parent folder permission currently grants access to all child folders, thereby negating the ability to deny access for a user to select child folders; if I am correct in my understanding, this is a problem and forces the creation of more parent folders in order to properly apply appropriate security.

  • Admin
    Josh Wright commented
    February 23, 2018 20:48

    Parent folder access is not required to view a child folder.  Let's assume a structure like this.

    • Folder 1
      • Sub Folder A
      • Sub Folder B
      • Sub Folder C 
        • Third Level Folder

    Today you can add a user directly to 'Third Level Folder' without any other permissions.   When they login, they'll see just enough of the parent folders to navigate the hierarchy, but won't have access to it.  (Not quite how VFP handles this where you can hide structure with virtual containers)

    A user added directly to 'Third Level Folder' would see this in their tree.  

    • Folder 1
      • Sub Folder C
        • Third Level Folder

    The user added to 'Third Level Folder' would not be able to see any documents or other folders in 'Folder 1' or 'Sub Folder C' we simply just give them the breadcrumbs of where their folder lives (as many times this provide context to the document).  

  • Max Brown commented
    February 23, 2018 22:03

    That's hugely helpful! I misunderstood that during today's implementation training. Thank you for explaining it.I know you mentioned working on the permission controls mid-march. How long do you think it will take for security groups to be developed?

Dear Viewpoint Suggestion Box contributor;

We at Viewpoint sincerely thank you for your contribution to Suggestion Box on how we can improve Viewpoint products. While we can’t do everything at once, we rely upon your feedback to help guide the prioritization of our product improvements, and Suggestion Box is a critical tool for us to understand and prioritize our customers’ needs. Viewpoint reviews Suggestion Box regularly for all of our products and updates statuses, adds comments, and performs various house-keeping (including deleting) as needed to ensure that Suggestion Box is maintained as a productive environment for product enhancements requests.