Advanced Permissions: discussion

I’m very happy that the team is working on advanced permissions. I have a few question about this feature:

  • how are the roles going t be structured: something like in Wordoress or more hierarchy based (one role for workspace, another for board, yet another for folder, or perhaps even for an item only)?
  • is a user going to be able to see only a folder within a board or if they are invited to a folder they are going to be able to see all remaining folder in that folder?
  • is there going to be a central place to see all the users and their permissions grid?

I’m just curoius because I’m wondering how to structure data for my employees

Looking forward to hearing a detailed response to this.

1 Like

Hey @man, @chrish!

Thanks for bringing this up. :slight_smile:

I know that our CTO is personally assigned to build this advanced feature, so I’ll call out for @damir89 to join the conversation, just so I don’t mess something up in the explanation :slight_smile:

Looking forward to hearing from you, Damir!

2 Likes

Since it’s been over a week…

Hi all,

I’m cautious to reply to these questions since they can be treated as a promise and we don’t want to lose the flexibility to add/remove things that are in contrast to what was said in the community.
As we progress with development we weigh things in terms of value and technical difficulty and decide which ones to do first. So in the case of permissions, I can update you on the current status and close future plans.
Right now the roles are fixed per workspace, so there’s no additional roles on the board or item level. Those roles will have default permissions and can be changed on the board level. It is a good start but not flexible enough. However, we are considering the idea of groups to add more flexibility.
Also, granularity that you are mentioning is something really good to have, and I’m sad to say it will not be in the first version. We actually had that in our previous version of the app where some restricted members were able to see and edit only “the subtree” of the board, not being aware of the hierarchy above. But right now, our energy will be focused on things that we believe have the most value for most people.
For example, board owners don’t want users to modify attributes or delete folders, and that will be possible in the first version.
The question regarding a central place for permissions: Now we will have default permissions for each role and then customization on the board settings level.
This answer is the current state of thought, it doesn’t mean we are not going to change things if they make sense. Basically groups will be a really valuable addition to the whole story.
Hope this helps.

3 Likes

Thank you very much for this reply. I’m fully aware that lots of thing can change at this point and Infinity is going to grow in the coming years. I was just wondering what direction current devolpment takes and I appreciate a glimpse into internal brainstorming.

The reason I’m asking these question is that I’m planning to introduce internal development program and I’d like each employee to see their own progress. So am I right in saying that the best idea to do that now and in the upcoming advanced permission v1 is to create a separate board called eg. “Employee Development” and create a separate board for each employee (whre I can give tasks and they can mark their progress)?

Note, I’m not complaining or anything, just tryin to make the best use of Infinity right now.

2 Likes

Thanks for taking the time to give a thorough answer of the status as of now. The idea of group permissions is an excellent next step towards more granular and sophisticated permissions. Groups would allow a good amount of flexibility in setting up different degrees of access for now.

2 Likes

It should start with vision and direction adopted for the tool.
If tool is intended for individuals or small cohesive internal team members then sure no much worries about permissions.
But with most project these days external vendors working across multiple teams, then there are virtual team members and also cross departmental members mixed up in to the project team. On top of this there are governance stakeholders above and can be in all directions of the same organization or outside and can be in all direactions like government authorities, competitors, customer partners, public etc… you name it.
Why to worry about this diversity of the team mixutures? Intellectual property rights and confidentiality for technical, financial, legal, management etc… reasons. And in project management this is very critical by the definition of the projects. Without this ability to setup proper permissions either it is extremely inefficient (e.g. setting up all sensitive items into it’s own workspace or board. Imagine hundreds of boards in a project. That project management will be challenging and project dooomed to fail.)
Imagine no Folder level permissions. Analogously think of cloud storage providers without folder level permissions, rest you can think of the risk and impact to the owner.

There is no other implementation possible when it comes to permissions. A project management tool must give total control of setting permissions into the hands of the admin.
This is equally true in any other usage cases than project management.

I understand what Man is trying to say above. And more serious users like upper management in any organization or PMOs etc… evaluating it, the tool will fail in first screening due to lack of permissions.
I can go and give examples after examples but in the centre it will be just one thing. Permissions.

With undue access, I wouldn’t allow anyone free access to my data. I wouldn’t allow ayone free open access to my house. I wouldn’t allow anyone free access to my laptop. No company would give free access to their premises, floor spaces, companies don’t even give admin access to the laptops of their own employees. A country wouldn’t allow anyone free access to even enter. Permissions. Permissions. Permissions. That is how critical it is.

3 Likes

What I meant is that if Infinity tool has to reach large corporations worldwide and become top tool or tool amongst top 3 - 5 tools then permissions can’t be ignored. For me it should be starting point because that is how critical it is for serious use.

I think Infinity tool has real potential to be the best tool of all available project/task management tools. It has some cool things which are unique. But in this uniqueness the basics can’t be ignored.

In any case, I’m with Infinity and would love to get it better fast. And my advice, don’t launch without proper detailed permissions control in place.

2 Likes

Hi @gosahd,

Thanks for the detailed answer and your thought about how important permissions are.

We are fully aware and agree with you when it comes to that, and that’s why we’ve implemented permissions which would guarantee that the owner is in control of everything. Heck, we even (Recently) published permission per boards.

We really want to focus on giving the best control/access to the owner to control the system and actions, as well as make Infinity suitable for large companies & teams.

What do you think about the current setup/way permissions are built? The plan is to of course, make them more advanced and more detailed (per folder/view), etc, and we’ll definitely do that this year.

1 Like

Sorry for delay in response.
Yes, currently workspace and board level permissions are great. I enjoy that for sure. Without that it would be difficult to work in teams.
Different tools set permissions either,

  • function / feature based permissions with custom roles. So I can create a role and start giving permissions to different features. I have seen them greatly flexible.
  • object based permissions with custom roles. Currently we have this but without custom roles. Objects being workspace, boards, folders, views, attributes (fileds) etc…

Infinity team is smarter than I can think. I’m sure they will come up with good permission control model that will add even greater flexibility in tool.

1 Like

I agree that allowing permissions at a folder level are required.

As a consulting company, we work with specific products. I have a board for those products and use folders to organize the customers using those products and the different projects we do for those customers.

Allowing a customer access ONLY to their folder to see the status of all projects for them, or to specific subfolders to see specific projects is very important. I don’t want to give clients access at the board level because they would be able to see all our clients and all projects we’re doing.

5 Likes

Hey guys :slight_smile:

We’ll definitely improve permissions more in the future, maybe focusing on folder levels as well.

I see the need for that, of course. Getting the most out of our structure is definitely something that we want to emphasize and expanding permission on that field, as well.

4 Likes

Many thanks Coa…!
That would be great.

1 Like

Good evening everyone. Having spent time getting familiar with Infinity and its capabilities, I was starting to think about how I might practically organize content in the tool. As I was doing so, I tried to visualize a hierarchy the provides separation of data, with appropriate permissions for the content. In my search for strategies I stumbled upon this thread. I think it deals with some of the challenges I am facing. Like others have commented, it seems like folder permissions are important.

However, given that this seems like an overall lower priority for implementation, I figured that I must be missing something. Clearly, the Infinity team has a vision for how the product would be used and why the current permission scheme supports that approach. So I looked at Infinity videos and tutorials for clues on how they think about organizing content in the tool.

However, I’m struggling with how the current permission model enables what they propose. For instance, they suggest organizing a workspace by department (using a company as the Workspace). In one video, there is an example of adding an HR department as a board. If the intent is to keep basic employee data in this board, available only to HR staff, then this might work. However, if I wish to also include additional content, such as an Employee Onboarding section, the model instantly breaks. I can’t provide employees access to the onboarding information without also providing them access to employee data, as the most granular permissions are for a board. That means, I’d need to create another board for the onboarding information? Is that the expectation?

I worry that this quickly turns into a very shallow hierarchy with either lots of workspaces or lots of boards. Then the concept of a neat and well contained board per department disappears. Again, maybe I am not looking at this problem correctly, so suggestions are certainly appreciated.

I also expect that whatever structure I define may evolve over time, but in thinking this through I realized that a feature is missing to make that happen.

I can move boards between workspaces, but there is no way to move a folder between boards. Here is an example of why this is important. Imagine that I create an amazing set of data in a board that I want to share. I can’t provide everyone access to my board as there is other data I don’t want to share. I could create a new board for this data and move it there, but there is no option to move folders to a new board.

I could duplicate the board, delete all of the data that I don’t want to share and have a new board with this folder (or set of folders). But, there isn’t a way to consolidate these boards. Imagine I and others need to do this. I might find that we could consolidate these to create a new board with common content. As it is, I end up with lots of boards with very few folders and a mess at the workspace level.

Hopefully this makes sense and the challenges I am facing are just oversights on my part. I am just not seeing a way to do these things with the product that exists today.

4 Likes

Good discussion. Here’s the main header on the Infinity website :slight_smile:
One Tool to Organize All Your Work, Your Way
Work together with your team, store everything in one place,
and organize projects the way you want.

Indeed we would love to do that :-). But we can’t because there are no permissions at the folder level. As a small company it’s terribly inefficient to have to a different board for every project, and I’m right back to 10 different places (boards) to work instead of 1 place to work, which is the promise of Infinity. (I realize many larger companies, or companies that do things differently, want and need many boards).

If it’s a huge amount of work for Infinity to solve this at a permission level, perhaps it could be improved with a UI change. Just allow us to have our boards in a sidebar, so we can click through them just like we click through folders, instead of having to endlessly move in and out of boards. You’ve already got the fly-down view, how about just letting us pin that view open on the left side?

Thanks!

1 Like