I am new to Shotgun Admin. I am in the process of creating couple of group and set of users inside it.
I would like to dedicate one or two members in each group as admin or somewhat admin level so they can take care of their group related tasks and do not do any changes or even see the other groups or projects other than their own group’s projects/users.
What is the best way to create such a role and restrict to that group only those group admin users?
Thanks
Sri
Hi @sri777, welcome to the forums and thanks for posting this question!
So this is actually a pretty common workflow, where you have a permission group called Admin who handles most of the site administration, but then you have a sort of sub-admin who is a bit more restricted in what they can do (but still has more control than say a Manager).
While it depends what changes you want this sub-admin to do, I will highlight a few key permissions that may help you here.
Firstly, if you haven’t already, please check out this permissions guide, as it outlines the key functionality of the 4 default permission groups
Using one of these permissions groups as a base, you can duplicate it to create you new Sub-Admin group (i’d suggest either duplicating the Manager or Admin group)
Next, there are some key permissions you can find under the Advanced section that allow you to lock things down a bit more
I’d like to highlight a few of them, but you can read more about them in the above guide
People will only see Projects they are assigned, including all data linked to those Projects. To assign a person to a Project, edit the ‘Projects’ field on People, or the ‘People’ field on Projects.
You’ll want to disable this if you only want people to see things in their assigned projects
This checkbox preference only gives access to admin UI options. Full access to admin functionality (e.g., unretiring entities) may require specific permissions adjustments on a per-entity basis.
You’ll want to turn this off if you don’t want people to do things like creating new fields
This checkbox preference requires that the ‘Use Admin Options’ preference is also checked.
You’ll want to turn this off if you don’t want people to be able to change permissions
I hope this helps point you in the right direction, If you have any further questions don’t hesitate to give us a shout.
Cheers,
Andrew
Thanks Andrew
followup few things
Hi @sri777
- The configurations and schemas are site-wide, not per project
The permissions groups are indeed site-wide. Unfortunately, It isn’t possible to have permission groups per-project
- There’s only 1 configuration / admin view to edit the schema, network locations / file paths, etc.
is there a way to keep this also separate per group
Al of the above settings are site-wide, it isn’t currently possible to create these things based on groups.
Having said that, we’d love to learn more about your use-case and what you are trying to achieve, we’ll see if there’s any other method or workaround we can suggest.
Cheers,
Andrew