Group Management

Overview

This page describes how to manage groups in Appian. Groups are used to organize your users, and can contain both user members and group members. Groups can also be categorized using group types and can give users access to specific areas of Appian using user roles.

The following image shows a group and its properties in Designer.

images:Group_Overview.png

  1. Groups can be viewed within an application or from the objects view.
  2. The breadcrumbs display the names of all parent groups in the same hierarchy; you can open a parent group by clicking on it. The current group is displayed more prominently beneath the breadcrumbs.
  3. The Members tab displays a grid of the group's members and relevant actions; the object and member type filters on the left pane will act on this grid. The Membership Rules tab displays the group's membership rules.
  4. Object names in the grid and breadcrumbs are italicized to indicate that they have not been added to the current application.
  5. The members grid displays both user and group members. Clicking on a group will open it and clicking on a user will open a dialog displaying the user's properties.
  6. The Details column displays the description for a group or the username for a user.
  7. The Member Type column indicates if the user or group is a member as a result of a membership rule (Rule), by being directly added as a member (Direct), or by being a member of a subgroup (Indirect).
  8. In this view, the search only returns results within the contents of the group.
  9. The members grid can be filtered by object or member type.

Actions on members in the grid can be taken from the toolbar, and actions on the current group can be taken from the gear menu.

images:Group_Gear_Menu.png

Properties

Group administrators can view and modify all group properties. Other developers who can view the group can view but not modify its properties, and cannot view its visibility, membership policy, and privacy policy.

All group type properties are configured through the Properties dialog. It can be accessed in one of two ways:

  • Select the group in Appian Designer and click on Properties in the toolbar.
  • To see the properties for the group that is currently open, click on the gear icon next to the group name to view the context menu and click on Properties.

images:Group_Properties.png

The complete list of properties for a group are:

Property Name Description
Name The name that is used when referencing the group. This name can also be returned when querying the groupName property using the group() function.
Description Supplemental information about the group that is displayed in the the application contents grid.
Parent The group will inherit security from its parent, and all of its members are indirectly members of the parent.
Members The users and groups that belong to the group. Privileges that are granted to the group will translate to its members.
ID The local ID is the Appian object identifier that gets stored in process and external database tables, which can be used to reference the group in expressions. Note that the local ID is not consistent between Appian instances.
UUID The UUID is another Appian object identifier that can be used to reference the group in expressions, and is consistent between Appian instances.
Group Type Group types allow you to further classify and provide additional properties about groups of that type.
Visibility Visibility determines if a group can be seen in places such as group directory lists, searches, and members lists. The three settings are Public, Personal, and Restricted.
Membership The membership policy determines how users may be added to groups.
Privacy Policy The privacy policy determines who can see the group's members.
Attributes The group's specific values for any additional properties defined on its group type.

Attributes

Attributes are custom fields that provide additional information about groups of a particular group type. The attribute's name and data type are defined on the group type, and the attribute's value is defined for each group of that group type.

For example, the Appian Department is a group type that has an attribute named "Director" which is a user data type. The Technology group belongs to the Appian Department group type, and therefore has a Director field to populate specifically for Technology.

If the attribute is a user or group data type, then a value is not required. For other data types, the value is required and pre-populated with a default value that is defined on the group type.

See also: Configure Group Type Attributes

Add or Remove Members

Group group administrators can add and remove a group's members.

  • To add members, click Add Members in the toolbar. A dialog displays, with a group and user picker; enter the desired groups and users and click Add.
  • To remove members, select the appropriate members in the grid and click Remove Members in the toolbar.

View or Modify Group Membership Rules

Another way of adding members to a group is by configuring membership rules. Group administrators can view and modify its membership rules, as well as view the number of membership rules directly in the tab name.

images:Group_Membership_Rules.png

  1. Navigate to the Membership Rules tab.
  2. Click New Rule in the toolbar to add a rule or click on an existing rule to modify it. A dialog with the rule conditions is displayed.
  3. From the first dropdown, select if the rule will apply to users or groups. If configuring a rule that applies to groups, a group type must be selected.
  4. Configure each rule condition by selecting a field, operator, and search criteria. The search criteria accepts wildcards (? and *).
    • For example, if you want to add users with the last name Lee, select Last Name as the field, is as the operator, and "Lee" as the search criteria.
    • Note: Only the first condition for a particular field will be considered when the rule is evaluated. For example, if you have the following two conditions in a rule, username contains "a" and username contains "b", only usernames with an "a" (but not those with a "b") will be added to the group. Use a custom field from the user profile to support more complex membership rule logic.
  5. To add more conditions click +. To remove a condition click the red X to the right of the corresponding condition.
  6. Click Create to create the new rule or Save to save changes to an existing rule.

To view the added members, return to the Members tab to view the updated group members.

To delete a rule, select it and click Delete in the toolbar.

Create a Child Group

Group administrators can create a new group by clicking on New Group in the toolbar. The new group's parent is pre-populated with the current group.

Groups always inherit security from their parent group if they have one. See Parent property above.

The security role map of a group controls which developers can see or modify it and its properties. By default, only the group creator and system administrators have access to the group. See Editing Object Security to modify a group's security.

The only permission level that can be used in a group's role map is Administrator. Group administrators can do the following:

  • Add and remove group members
  • View and modify group security
  • Configure membership rules
  • Configure properties and attributes
  • Create a new group as a child of the current group
  • Delete the group

Delete

Group group administrators can delete a group by selecting a group in the grid and clicking Delete in the toolbar. System administrators may select multiple groups to delete.

Open in Github Built: Tue, May 23, 2023 (06:12:33 PM)

On This Page

FEEDBACK