Security Basics
Access to a Box is based on:
Global roles defined in App Administration (application access settings - if a user isn't added to the App itself, they won't be able to access any Boxes because they won't even see the App's tab at the top)
Default roles specified for a Box type
Roles configured for an individual Box
Roles inherited from upper-level Boxes
Inheritance mode
mode | description |
---|---|
Own with inherited | Box users = manually added + inherited |
Inherited only | Box users = inherited In the "Inherited only" mode, the Security tab of an individual Box is hidden (you can't access it in Box configuration). |
Change of the inheritance mode affects ALL boxes | ||||
---|---|---|---|---|
from | to | result | ||
Own with inherited | → | Inherited only | = | manually added users lose access |
Inherited only | Own with inherited | restores the previously existing users |
Inherited security roles
Roles are always inherited from upper levels.
Inherited security roles are not displayed in the Box Security.
To know what user roles have been inherited but aren't being displayed, you have to check the upper levels of the hierarchy (technically, that would include all parent Boxes up to the root level).
Example
if Cassandra is a Box editor for "SAFe ART (Smart house App)", she is also automatically a Box editor for "PI 1" and "Iteration 1". In the example below, "Iteration 1" inherits security roles from "PI 1", "SAFe ART (Smart house App)" and "Home" Boxes.
For example, Angela Hambleton is an Editor in the "Project Portfolio" Box.
"Hybrid project (Sport App)" is nested under the "Project Portfolio."
In "Hybrid project (Sport App)", Angela Hambleton isn't visible on the user list in Box Configuration, even though user roles are inherited, which makes Angela Hambleton an Editor in the "Hybrid project (Sport App)" Box.
Default security roles assignment
When you create a box of a given type, default users and groups are added (per the box type settings).
Existing boxes remain unaffected.