Permission management on a task level – with OpenProject’s Share feature
As a project manager, you want to make sure everyone can do exactly what they need to do to drive the project forward - no more and no less. On the one hand, this concerns people who are directly involved in the project. On the other hand, it also applies to people who are not part of the internal project group but require permissions for specific tasks. In this article, let’s go through a practical example of how you can use OpenProject to ensure that all necessary permissions are set and sensitive data is protected.
We will take a closer look at Example-City, a fictitious municipally in Germany, which plans to start a huge project – digitizing the traffic department. What will they need to do when starting the project, what permissions are needed during the project and how can they manage permissions when the project has ended?
Before the project: Decide on the required user permissions
It’s 9 a.m on a Tuesday morning in Example-City, Germany. Project portfolio manager Charlotte gathers her team to define the necessary user permissions for their digitization project. The challenge lies in adhering to data protection laws while enabling efficient workflows. Charlotte has created a new project in OpenProject and now sets up comprehensive permissions for the core project team, including project manager Malik. Malik gets administrational permissions, while the rest of the core team is set up as standard project members with permissions to view, comment and edit work packages.
To make the transition to digital processes as easy as possible for the traffic department at the end of the project, employees from this department will be added to the project from the outset. However, it is not planned that they will be actively involved, so they will have view-only rights. Charlotte creates a new role in OpenProject for this purpose and defines in detail which access authorizations this role should have.
The following video shows the numerous permission options of a new role in OpenProject from which a system manager (with administrative rights for the entire instance) can choose:
During the project: Share work packages with external users and adjust internal permissions
Share work packages with users who are not part of the project
In addition to the core team for the digitization project, Example-City has already commissioned an external service provider to scan the analogue data. This external service provider needs to know some basics, e.g. if blockages or risks arise in the project. They also need access to some of the work packages related to the file scan. However, only to these specific work packages, as other work packages in the project contain sensitive data. Despite the confidentiality agreement, the external service provider should only be given access that is really necessary - also for organizational reasons, so that they are not distracted by information that is irrelevant to them.
To do so, Charlotte invites Cyril from the scan company to their OpenProject instance. However, she does not invite him directly to the project, but shares only the necessary work packages with him.
Share work packages with project members to adjust permissions
But then, in the middle of the project, something unexpected happens: a new regulation is introduced that requires immediate attention and the adaptation of certain digitization processes. Charlotte recognizes the need for specialist knowledge and learns that Lucas from the traffic department is responsible for legal issues. But remember the permission setup before the project: all employees in the traffic department only have view permissions in the project.
To simplify direct involvement and ensure compliance with regulations, she therefore wants to give Lucas editing rights to the relevant work packages. To do this, she shares these work packages with Lucas and selects “Edit” as the access authorization. Lucas’ access rights do not change for the remaining work packages in the project - he still has “view-only” rights here.
This precise authorization adjustment allows Lucas to make the necessary changes directly in OpenProject and ensure that the project complies with the latest legal requirements.
In OpenProject, Charlotte and other administrators get a detailed overview of current shared work packages:
About OpenProjects Share feature: If you want to give a person access to a work package to either have permissions to view only, to comment or to edit, you can share the work package with them. This can be either a person who…:
- is already a member of the project (like Lucas in our example)
- is a user on OpenProject, but no project member
- is not yet part of OpenProject – in that case, they can be invited to the instance via Share feature (like Cyril in our example)
Read more in our user guide. Please note that the Share feature is an Enterprise add-on.
After the project: Remove permissions and shares that are no longer required
After the successful completion of the digitization project in Example-City, it must be ensured that the project is properly completed. This also means that all temporary permissions and approvals are revoked to ensure the security and integrity of the data. This last step is just as important as setting up permissions at the beginning of the project.
Once the project goals are met and the traffic department is up and running with the new digital processes, Charlotte takes the time to review all permissions and approvals that have been set up throughout the lifecycle of the project. She starts by identifying all external staff, such as Cyril from the scanning company, and revoking their access to the project’s work packages. This is to prevent unauthorized people from accessing the project data after their contribution has been completed.
Charlotte then adjusts the permissions of traffic department employees, including Lucas, who have been granted temporary editing rights for certain requests during the project. She ensures that their permissions are reverted back to “view” or removed altogether when their involvement in the project is no longer required. This measure is important to protect sensitive information and ensure that only current and relevant personnel have access to digital resources.
However, she does not want to archive the project yet, because: The digitization of the traffic department serves as a precedent for future digitization processes at Example-City. By archiving the project, it would no longer be visible to anyone and could no longer serve as an example. This is precisely why it is so important to carefully check and adjust the permissions at the end of the project.
OpenProject is a great choice for organizations in the public sector
In conclusion, OpenProject stands out as an exemplary project management tool for cities embarking on the path to digital transformation, with key benefits including:
Robust Permissions Management: OpenProject’s innovative sharing feature makes it easier to manage permissions and offers an unmatched level of flexibility. This feature enables granular control not only at the project level, but also extends to individual work packages, allowing project managers to tailor access rights to the exact needs of individual tasks and team members.
Commitment to Data Privacy: OpenProject’s dedication to data privacy is evident in its compliance with leading data protection standards, such as GDPR. The platform’s proactive approach to data security, featuring regular security updates and transparent data processing policies, makes it a trusted tool for public administration projects.
By adopting OpenProject, cities not only gain access to a powerful project management platform, but also align with a solution that prioritizes the protection of digital assets and sensitive information, ensuring a secure and efficient digital transformation journey.
Get your free 14-days trial for OpenProject Enterprise cloud here: https://start.openproject.com/