Administration of Projects and Invites

Features & Ideas
1

Hello Specklers,

Lately and as we are rolling out the first implementation wave of Speckle in our firm soon, I had a few thoughts about project administration which in the end led to the two Feature Wishes below :slight_smile: .

A: Stream (Project) Creation Rights
Currently, there is at least to my understanding absolute freedom to create new streams (projects). The issue with that is that in bigger organizations and project teams, there is the potential of creating multiple streams for the same project.
We have seen that in our organization with MS Teams … the beginning in 2019 was Sodom and Gomorrha until we have restricted it in 2020 :slight_smile:. In order to prevent that with Speckle it would be great to have the possibility to add admin settings so that only the Speckle admins are able to create streams (projects).
In the end, it’s a communication issue inside of the teams, but the limitation of freedom, in this case, helps prevent chaos on Speckle Servers with lots of users. Of course, this strategy makes only sense when you are using Speckle as a project data/exchange hub and not just for dynamic data exchange, cleaning up the db depending on the accumulated data trash from time to time.

B: Server Invites
The most interesting aspect of Speckle in our opinion is the potential for redesigning the way we are collaborating with other design parties. Therefore one needs to invite external guests to the Speckle Server of an organization or needs to get invited.

This leads to the following:

  • As users tend to be not careful with settings and just want to do their stuff those guests might be able to see other projects they are not allowed to see … even if they are hopefully not granted to have access to the stream itself … might be happening by accident too, when colleagues are not careful
  • Externals guests are able to create streams in the invited organization … and add to the mess

Of course, one could create two Speckle server deployments for internal and external collaboration, but this would make it more complicated for the users to actually work that way. In our case, the Speckle knowledge shall be maintained so that by looking back to older projects one would be able to receive the final calculation model or be able to have carbon/cost reports of all the older projects. If the data is scattered across streams and Speckle servers in multiple place we are back on track with “file new”, “file new new” style … only on the database level.

Most ideas might not be new to you guys or are even already on your roadmap, but I wanted to write them down here as well :slight_smile:

Best,
Alex

3 Likes
2

B: is already partially integrated (guest role) into the right management of FE2. It would be cool to connect those settings automatically to the Azure security groups via app roles of the SSO.

Example:

  • Security Group: Admin = admin access
  • Security Group: Member =regulars
  • Security Group: Externals = guest access

image
image1605×890 46.9 KB

It is more of an icing on the cake situation, but this helps IT/admins to have control over the access.

With this reply I want to add another point to the list:
Besides making sure, that projects are not deleted by removing users (see link below) … it would be in general important that people with admin access should be able to enter any private and public project without the need to be invited. Maybe a colleague creates a project, leaves the firm, or is sick … the accessibility is a big issue that might affect project success.

Of course, one could step into the DB and change settings, but this is not a clean method for a bigger group of admins.

Domain Owned Streams & Admin Control - Features & Ideas - Speckle Community

1 Like