Group Management

Overview

Groups are used to organize your Appian users, and can contain both user members and group members. Groups in turn can also belong to a specific group type, which categorizes the group further.

It is best practice to use groups when securing your design objects and applications. By specifying various levels of security for distinct groups, individual user accesss can be controlled by simply adding or removing users to the appropriate group. Groups also designate user roles to give users access to certain areas of Appian.

This page describes how to manage groups. Designers can click on a group anywhere in Appian Designer to open them and view their contents, if they have access.

images:Group_Overview.png

  1. Groups can be viewed within an application or from the objects view.
  2. The breadcrumbs display the names of all parent groups in the same hierarchy; you can open a parent group by clicking on it. The current group is displayed more prominently beneath the breadcrumbs.
  3. The Members tab displays a grid of the group's members and relevant actions; the object and member type filters on the left pane will act on this grid. The Membership Rules tab displays the group's membership rules.
  4. Object names in the grid and breadcrumbs are italicized to indicate that they do not belong to the current application.
  5. The members grid displays both user and group members. Clicking on a group will open it and clicking on a user will open a dialog displaying the user's properties.
  6. The Details column displays the description for a group or the username for a user.
  7. The Member Type column indicates if the user or group is a member as a result of a membership rule (Rule), by being directly added as a member (Direct), or by being a member of a subgroup (Indirect).
  8. In this view, the search only returns results within the contents of the group.
  9. The members grid can be filtered by object or member type.

Actions on members in the grid can be taken from the toolbar, and actions on the current group can be taken from the gear menu.

images:Group_Gear_Menu.png

Properties

Group creators and group administrators can view and modify all group properties. Other designers who can view the group can view but not modify its properties, and cannot view its visibility, membership policy, and privacy policy.

All group type properties are configured through the Properties dialog. It can be accessed in one of two ways:

  • Select the group in Appian Designer and click on Properties in the toolbar.
  • To see the properties for the group that is currently open, click on the gear icon next to the group name to view the context menu and click on Properties.

images:Group_Properties.png

The complete list of properties for a group are:

Property Name Description
Name The name that is used when referencing the group. This name can also be returned when querying the groupName property using the group() function.
Description Supplemental information about the group that is displayed in the the application contents grid.
Parent The group will inherit security from its parent, and all of its members are indirectly members of the parent.
Members The users and groups that belong to the group. Privileges that are granted to the group will translate to its members.
ID The local ID is the Appian object identifier that gets stored in process and external database tables, which can be used to reference the group in expressions. Note that the local ID is not consistent between Appian instances.
UUID The UUID is another Appian object identifier that can be used to reference the group in expressions, and is consistent between Appian instances.
Group Type Group types allow you to further classify and provide additional properties about groups of that type.
Visibility Visibility determines if a group can be seen in places such as group directory lists, searches, and members lists. The three settings are Public, Personal, and Restricted.
Membership The membership policy determines how users may be added to groups.
Privacy Policy The privacy policy determines who can see the group's members.
Attributes The group's specific values for any additional properties defined on its group type.

Attributes

Attributes are custom fields that provide additional information about groups of a particular group type. The attribute's name and data type are defined on the group type, and the attribute's value is defined for each group of that group type.

For example, the Appian Department is a group type that has an attribute named "Director" which is a user data type. The Technology group belongs to the Appian Department group type, and therefore has a Director field to populate specifically for Technology.

If the attribute is a user or group data type, then a value is not required. For other data types, the value is required and pre-populated with a default value that is defined on the group type.

See also: Configure Group Type Attributes

Add or Remove Members

Group creators and group administrators can add and remove a group's members.

  • To add members, click Add Members in the toolbar. A dialog displays, with a group and user picker; enter the desired groups and users and click Add.
  • To remove members, select the appropriate members in the grid and click Remove Members in the toolbar.

View or Modify Group Membership Rules

Another way of adding members to a group is by configuring membership rules. Group creators and group administrators can view and modify its membership rules, as well as view the number of membership rules directly in the tab name.

images:Group_Membership_Rules.png

  1. Navigate to the Membership Rules tab.
  2. Click New Rule in the toolbar to add a rule or click on an existing rule to modify it. A dialog with the rule conditions is displayed.
  3. From the first dropdown, select if the rule will apply to users or groups.
  4. Configure the rule condition by selecting a field, operator, and search criteria.
    • For example, if you want to add users with the last name Lee, select Last Name as the field, is as the operator, and "Lee" as the search criteria.
    • When configuring a rule that applies to groups, a group type must be selected.
  5. To configure more conditions, click the +; to remove a condition, click the red X to the right of the corresponding condition.
  6. Click Create to create the new rule or Save to save changes to an existing rule.

To view the added members, return to the Members tab to view the updated group members.

To delete a rule, select it and click Delete in the toolbar.

Create a Child Group

Group creators and group administrators can create a new group by clicking on New Group in the toolbar. The new group's parent is pre-populated with the current group.

Security

The security rolemap for a group contains only the administrator role, in addition to the group creator. They can do the following:

  • Add and remove group members
  • View and modify group security
  • Configure membership rules
  • Configure properties and security settings
  • Create a new group as a child of the current group
  • Delete the group

To view and modify a group's security, select the group and click Security.

When a group is specified as an administrator, the administrator privileges translate immediately to its members. For example, if Group 1 is an administrator of Group 2, adding User 1 to Group 1 automatically and immediately makes User 1 an administrator of Group 2.

Delete

Group creators and group administrators can delete a group by selecting a group in the grid and clicking Delete in the toolbar. System administrators may select multiple groups to delete.

FEEDBACK