Skip to main content
All CollectionsGuides for dashboard.dispel.ioAdmin How To GuidesFeature: Group Access Windows
Step 4 - How to modify the membership of a Group Access Window
Step 4 - How to modify the membership of a Group Access Window

The purpose of this document is to demonstrate how an admin can modify the membership of an access window.

K
Written by Ken Steck
Updated over 3 months ago

The purpose of this document is to demonstrate how an admin can modify the membership of an access window and control individual or group-level access in real time. Access windows need to be responsive to changes in permissions for both unblocking user tasks as well as responding swiftly to an incident.

To modify membership to an existing Access Window:

  • Go to the Access Windows interface using the “Access Windows” option in the left navigation. There will be a list of all existing Access Windows, which you can search. Find the Access Window you want to modify and click the name.

    In our example, we used the search bar to find a windows that include "demo" in the name.

  • You will be able to see the details of the Access Window, including a Members tab.

  • In the Members tab you are able to toggle permissions on and off for INDIVIDUALS and GROUPS.

    Group Access Window permission decision diagram

    The decision tree below describes the permissions logic for Group Access Windows

An example scenario using the permissions rules:

In our example scenario, assume User1 is a member of Group1 and Group2. Group1 and Group2 are added to the Access Window.

  • If Group1 permission is toggled OFF, then User1 still has access because Group2 is unaffected.

  • If both Group1 and Group2 permission is toggled OFF, then User1 shall lose access and you will notice that User1's individual toggle will automatically be set to OFF.

  • If both Group1 and Group2 permission is toggled OFF, but the admin toggles User1 INDIVIDUAL access to ON, then User1 has access despite Group1 and Group2 status. In this case individual permissions over-ride group permissions.

  • If both (or only one of) Group1 and Group permission is toggled ON, but the admin toggles User1 INDIVIDUAL access OFF, then User1 shall lose access despite Group1 and Group2 status. In this way, individual permissions still over-ride group-level permissions.

These rules are designed to allow admins to control permissions at group levels while still enabling flexibility for individual user-level permission controll.

Did this answer your question?