How permissions work with Google

When connecting a Jive Place to G Suite, the administrator assigns permissions to individual users or creates Google user groups.

You have two ways you can set up permissions for this integration:

By individual
Any user who can read content in the Jive place is added to the "can view" list for the Google-connected folder, and users who can create content in the Jive place are added as "can edit."
By group
The integration creates up to two Google groups per connected Jive place, and users are added to the appropriate group per their permission level in the Jive place. For example, in a member-only Jive group, the integration creates a Google user group and adds it to the "can edit" list for the Google-connected folder. Any member of the Jive group gets added to the Google user group.
Note: The created Google groups are hidden, and do not show up for users in any of the Google apps.

The following image shows how Google permissions look:

How does it work with Google Drive

When connecting a Jive place to Google Drive, the remote folder get provisioning of the permissions differently depending on the place type. In case of a group, each member of the group is added individually as a collaborator on the remote Google Drive folder.

In case of a space, it varies among the 3 types of the permission groups:

For Everyone and All Registered Users
Either Everyone@<DOMAIN_NAME> or RegisteredUsersGroup@<DOMAIN_NAME> are added as a permitted group on the remote Google Drive folder. If this group doesn't exist on the Google Domain, the process of connecting the place is still completed successfully, no error is displayed on the UI and access is not be granted to any users.
For federated groups
Assuming the same LDAP server is configured against the Google domain, the remote folder gets provisioned with the same LDAP group as in Jive.
Manually created user groups
The users on such groups are added to the remote Google Drive folder, one by one, similarly to the way it works with a group. Note this is the only use case where you can manage space permissions on an individual user level on the Google Drive side. This approach, however, works well only if the permission groups have less than 200 users.

Important Notes

  • Permissions sync from Jive to Google Drive happens automatically irrespective whether the user currently exists or is later added to a permission group.
  • For a space with a custom Jive permission group, the members of that permission group are automatically added as contributors to that Google Drive folder when that Space is connected to Google Drive. Also, after establishing the connection, any new user added to the permission group is automatically added as a contributor to the Google Drive folder.
  • If the sharing in Google Drive fails, the Join Group operation fails too.