Skip to main content

How Jive Places Use Permissions

In Jive, there are three kinds of places: spaces, projects, and groups. Each one deals with permissions differently.

Space Permissions

Space permissions are managed by assigning permissions to either user groups or individuals. A user can view and edit a space when they belong to a user group that has this permission or are assigned this permission through a user override.

Access to Jive spaces is governed by associating them with a Jive user group, which defines permissions for groups of users.

There are three types of user groups in Jive:

  • A custom user permissions group configured in Jive.
  • A custom user permissions group provisioned from LDAP or another directory server.
  • The built-in Jive groups Everyone and All Registered Users. Everyone includes all users in Jive. All Registered Users excludes external and anonymous users.

Spaces exist in a hierarchy and are subject to permissions set in the Jive Admin Console. Spaces inherit their permissions from any parent space. For example, if users in the All Registered Users permissions group have access to a space, they automatically gain access to any subspaces and projects unless an override is created.

Social Group Permissions

Group permissions are managed by user levels. When a user creates a group, they become a group owner. Group owners, full access admins, and system admins can edit groups.

Project Permissions

Projects contained by a space inherit the permissions of that space. Projects contained by a social group inherit the permissions of that social group.

When creating projects or spaces linked to SharePoint, it is important to ensure they are set up with the correct permissions. A project that inherits permissions from an unrestricted space could grant access to every member of the community.

For Jive places that grant access to built-in Jive permissions groups like Everyone or All Registered Users, Jive defaults to granting access to the Everyone principal in SharePoint. This can be mapped using SharePoint add-on settings during Jive-side setup.

Each site created on the Jive side that integrates with SharePoint is provisioned with the following SharePoint permission groups:

  • [site name] Jive Contributor Users
  • [site name] Jive Full Control Users
  • [site name] Jive Read Users

These groups determine user rights based on the permissions applied on the Jive side:

  • For custom permissions groups, users are assigned to Jive Contributor Users or Jive Read Users based on their read/write or read-only rights.
  • For LDAP-provisioned permission groups, it is assumed that SharePoint can directly access the same permissions for each user.
  • Proper mapping of the Everyone principal during setup is essential if a smaller group of users needs access compared to the default SharePoint group.

For more information, see Managing permissions and Managing user accounts and user groups.

Related

Understanding permissions