The security settings can be configured only when the 'Default Roles' option is selected in the BigPicture Configuration (Go to App configuration (wrench icon at top right) > App configuration).
In general, you can find information on Security settings on the following pages:
- Box Types - this page contains information on configuring the default Security settings that work as a template when you create new Boxes and the Inheritance mode.
- Global Roles - you are on this page - it explains App Administration settings and how access to the App is granted to, for example, Jira users.
- Box configuration - this page explains what roles are available within the App and how to change them for an individual Box.
- BigPicture configuration - this page gives you information on how to activate/deactivate the use of roles within the App.
- Security - this page explains the impact of setting up security Roles for the Home (root) Box and lists available roles.
You can change the global security in BigPicture configuration. Otherwise, all users will be granted the highest level permissions.
Besides the Jira permission and security settings which are always respected by the app, there are two main levels of security:
- App level (this page)
- Root level
- Box level
Once you have enabled the "Default roles," permissions can be granted to both individual users and Jira groups (Jira groups can only be created by a Jira Admin).
Security and access
Only a user with the App admin security role can access and change the Security settings.
To view this page go to Administration > Security.
Global security roles
With this security role, you have administration access to every Box, Gadget, and Business Administration. This means that as an App Admin, you will see all the created Boxes and have access to configuration areas.
Jira admins are automatically granted the App admin security role, even though they aren't automatically listed in App Administration > Security tab.
App Administrators don't necessarily need to be Jira Administrators. You can simply add a user as an "App Admin" if you want them to have full permissions in the App (access to all configuration, settings, and ability to edit/create/delete Boxes and tasks).
Adding someone as an App admin doesn't mean they are listed as users for individual Boxes, but they do have full access.
With this role, you have basic access to the App and see the App's name on the header. Remember that this does not mean you have access to any Boxes.
For Example, Aaron has been added as an App user in the App's administration but hasn't been added to any existing Boxes. Even though he can access the App, when he goes to "Home," he will see the "There's nothing to display" message.
June is taking over the EMEA Initiative. She has been added to the Box as an admin but hasn't been added as a user in App Administration. When she logs in, she can't access the BigPicture.
After logging in, June doesn't have access to BigPicture.
Make sure to grant users access to Boxes and Gadgets as well as access to the App itself.
With this role, you have the access to on the Administration page (and all available operations within these pages).
The Resource Admin role is effectively an extended App User role, which means that such a user:
- has basic access to the App (can access their user profile and sees the App dropdown in the header)
- can access Boxes based on individual Box security settings, but does not receive access to all Boxes automatically like the App Admin
- additionally, the user is allowed to administer resource-related global configuration (Administration > Resource manager page with all subpages, with no access to Box types and Security)
- cannot access the App configuration, unless the User is an Admin of the host platform at the same time.
It is possible to grant users in bulk access to our plugins, by adding Jira user groups.