Skip to main content

Understanding permissions

Because G Suite has a different permissions model than Jive, you need to understand the permissions of Jive places to correctly set up Google permission groups.

  • How Jive places use permissions In Jive there are three kinds of places: spaces, projects, and groups. Each one deals with permissions differently.

  • How to manage permissions with Jive user groups Jive user groups manage permissions assigned to one or more users. They determine things like whether a user can view or edit places, manage social groups, moderate content, or manage users.

  • How permissions work with Google When connecting a Jive place to G Suite, the administrator assigns permissions to individual users or creates Google user groups. You have two ways you can set up permissions for this integration:

    • By individual: Any user who can read content in the Jive place is added to the "can view" list for the Google-connected folder, and users who can create content in the Jive place are added as "can edit."

    • By group: The integration creates up to two Google groups per connected Jive place, and users are added to the appropriate group based on their permission level in the Jive place. For instance, in a member-only Jive group, the integration creates a Google user group and adds it to the "can edit" list for the Google-connected folder. Any member of the Jive group gets added to the Google user group. Note: The created Google groups are hidden and do not show up for users in any of the Google apps.

**How does it work with Google Drive **

When connecting a Jive place to Google Drive, the remote folder gets provisioning of the permissions differently depending on the place type. In the case of a group, each member of the group is added individually as a collaborator on the remote Google Drive folder.

For a space, it varies among the three types of permission groups:

  • For Everyone and All Registered Users: Either Everyone@<DOMAIN_NAME> or RegisteredUsersGroup@<DOMAIN_NAME> are added as a permitted group on the remote Google Drive folder. If this group doesn't exist on the Google Domain, the process of connecting the place is still completed successfully; no error is displayed on the UI, and access is not granted to any users.

  • For federated groups: Assuming the same LDAP server is configured against the Google domain, the remote folder gets provisioned with the same LDAP group as in Jive.

  • Manually created user groups: The users in such groups are added to the remote Google Drive folder one by one, similarly to the way it works with a group. This is the only use case where you can manage space permissions on an individual user level on the Google Drive side, although this approach works well only if the permission groups have less than 200 users.

Important Notes

  • Permissions sync from Jive to Google Drive happens automatically irrespective of whether the user currently exists or is later added to a permission group.
  • For a space with a custom Jive permission group, the members of that permission group are automatically added as contributors to that Google Drive folder when that Space is connected to Google Drive. After establishing the connection, any new user added to the permission group is also automatically added as a contributor to the Google Drive folder.
  • If sharing in Google Drive fails, the Join Group operation fails too.
Related

Managing Jive for Google Drive Files and Docs

Previous topic:Quick start

Next topic:Setting up Google side