Section 12.3   Groups

A group of users is given access to work areas (scope of projects/collections) that all need access to the same resources. Groups can be created based on individual users who all need access to certain resources or based on global groups (such as departments: accounting, business function (accounts payable or accounts receivable), or workflow process function (invoice approval).

Section 12.3.1                  Create a New Group

Using the Navigation Tree, select Users>Groups>Policies>Scopes. Each section contains tables showing information for each security level. Select the Groups tab to view a list of users and Policies assigned to the Group. Select Add New to create a New Group. You can edit, delete, or view the group settings by highlighting the group and selecting edit, delete, or details, respectively.

Section 12.3.2                 Group Properties

Section 12.3.2.1           Group Name

Give the Group a descriptive name. Some examples of good group names are A department (Operations), a business function (Accounts Payable), or a processing function (Reviewers).

Section 12.3.2.2           Group User(s)

Users can be assigned directly to a group. The user will keep the permissions granted to the user. The user will then be granted access to work areas under the group scope. Users can belong to multiple groups. 

Section 12.3.2.3           Group Security Policy

A group-level security policy defines which portal areas (Policy) and project or collections (Scopes) the users assigned to the group have access to. 

Section 12.3.2.5.1                Data Policy

A Group Data Policy grants access to work areas in the workspace. Roles can be inherited in the group policy, or can be defined separately. If a Role has a data policy defined, the Role Data Policy overrides the Group Data Policy.