2 Replies Latest reply on Feb 3, 2016 8:50 AM by francky RSS
    francky Explorer

    Multiples organizations but same users

    Hello everybody,

     

    i'm currently in a situation where I have 2 apps for the same client, and did not anticipate the users organisation very much.

    So i'm sitting with 2 non-related organisation, each with their own home mashup assigned, but with some users belonging to both.

    It currently works because they're not much and I can do it by hand, but it will soon go into production for all the country.

    The problem is that, there's one administrator for each app, and so there's could be collision when creating users. That I should be able to handle with my creation service and mashups.

    The big question is, how to handle this for it to not become overcomplicated and that the permissions are rightly given.

     

    For now I have 2 big groups containing every normal users for each app, plus some minor groups inside those groups for differents more specialized roles (technician, admin, etc)

     

    I'd like a way for admins to know every users of the whole company, giving them access to the app they're administering and for me to still manage groups and units, without overlapping permissions (like letting Admin A seeing people of Group B)

     

    for visibility, I'm thinking about using one organization for everyone of them and then others organizations for each app

    for permissions, would it be wise to make a single group, containing the 2 smallers groups I currently have ?

     

    Sorry if I'm not clear, i'll try to get clearer over time

      • Re: Multiples organizations but same users
        pchung Collaborator

        Not sure if there needs to be full multi-tenancy in play, ie visibility permissions on Entities and Visualizations that users can/cannot see in their own or the other app.

        If that is the case, you can always set up a 'General Visibility Org' to which you add the Users group and set sweeping Visibility with that, and then specific visibility with the User organizations.

        For permissions you could go with the way you indicated, or you can set up App Permission Groups/Function Groups ie. a Group that has permission to a certain app, or a group that has permission to a certain functionality within one of the apps, this will allow you to then assign Users to any and all parts.

        You can take that a step further by creating User Role groups if necessary.

        ie. App1UserManagers are in Functional Groups App1ManageUsers, App1ManageAssets etc.

        This might give you some added flexibility that may or may not come in handy in the future.

         

        Not sure if you have a big concern about what 'home screen' users end up in, but you could direct them to a landing page that derives the home mashup based on the User's groups.