Permission toggle switch
The Security settings can be configured only when the 'Permissions for everyone' toggle switch is off.
Toggle switch on
Enabling 'Permissions for everyone' comes in handy for small organizations or while evaluating the application. As a result, it is easier to test and learn how things work. However, switching the 'Permissions for everyone' option on in a live environment may require more advanced access control.
When enabled, every logged-in user has the same (Administrative) level of access which includes:
- App's administration
- Boxes and their content (depending on Jira permissions and security settings)
When you proceed to the App's Administration > Security tab, you will not be able to configure any Security roles:
The Security settings available in the Box configuration will also be disabled.
Toggle switch off
When the 'Permissions for everyone' toggle switch is disabled, you can edit role permissions in the Security settings available under the App's Administration:
You will be able to implement changes to the Security settings in the Box configuration as well.
Security settings configuration
In general, you can find information on Security settings on the following pages:
- Box Types - this page contains information on configuring the default Security settings that work as a template when you create new Boxes and the Inheritance mode.
- Global Roles - you are on this page - it explains App's Administration settings and how access to the App is granted to, for example, Jira users.
- Box configuration - this page explains what roles are available within the App and how to change them for an individual Box.
- Security - this page explains the impact of setting up security Roles for the Home (root) Box and lists available roles.
You can change the global security in the BigPicture configuration. Otherwise, all users will be granted the highest level permissions.
Besides the Jira permission and security settings which are always respected by the app, there are two main levels of security:
- App level (described on this page)
- Box level
- Includes the root (home) box
- boxes created and nested under the home box
Once the 'Permissions for everyone' option is disabled, permissions can be granted to both individual users and Jira groups (Jira groups can only be created by a Jira Admin).
Security and access
Only a user with the App's admin security role can access and change the Security settings.
Navigate to Administration > Security.
Click the "wrench" icon at the top. Select "Security" from the drop-down list.
Global security roles
With this security role, you have administration access to every Box, Gadget, and Business Administration. This means that as an App Admin, you will see all the created Boxes and have access to configuration areas.
Jira admins are automatically granted the App admin security role, even though they aren't automatically listed in App Administration > Security tab.
App Administrators don't necessarily need to be Jira Administrators. You can simply add a user as an "App Admin" if you want them to have full permissions in the App (access to all configuration, settings, and ability to edit/create/delete Boxes and tasks).
Adding someone as an App admin doesn't mean they are listed as users for individual Boxes, but they do have full access.
With this role, you have basic access to the App and see the App's name on the header. Remember that this does not mean you have access to any Boxes.
For Example, Amiah has been added as an App user in the App's administration but hasn't been added to any existing Boxes. Even though she can access the App, when she goes to "Home," she will see the "There's nothing to display" message.
Leo is taking over the New Portfolio. He has been added to the Box as an admin but hasn't been added as a user in App Administration. When he logs in, he can't access the BigPicture.
After logging in, Leo doesn't have access to BigPicture.
Make sure to grant users access to Boxes and Gadgets as well as access to the App itself.
With this role, you have the access to on the Administration page (and all available operations within these pages).
The Resource Admin role is effectively an extended App User role, which means that such a user:
- has basic access to the App (can access their user profile and sees the App dropdown in the header)
- can access Boxes based on individual Box security settings, but does not receive access to all Boxes automatically like the App Admin
- additionally, the user is allowed to administer resource-related global configuration (Administration > Resource manager page with all subpages, with no access to Box types and Security)
- cannot access the App configuration, unless the User is an Admin of the host platform at the same time.
It is possible to grant access to a Jira user group.