2

I have two multi select lists for a user management screen that controls account permissions. The user can select any # of users and any # of organizations.

Multi-Selects: a.) users multi-select b.) orgs multi-select

The requirement came through to populate each dropdown with all their associated organizations whenever you select a new user.

What should I look out for? What if they select a ton of users and each user has many different organizations so I end up displaying permission controls for 25+ organizations that only one user has permissions on? Any good patterns/guidelines for this type of problem

Improve this question
6
  • Short answer: Don't do that. Commented Sep 6, 2016 at 16:36
  • I am conflicted because the goal is to be able to display all the organizations that a user has permissions for upfront and they also have to be able to edit these permissions on the fly. I am worried that I may pull up too much data for the user to search through. Commented Sep 6, 2016 at 16:43
  • if each user can have a unique set of org relationships, you've already precluded the ability to manage multiple users' orgs. It's just a constraint of the requirements. Commented Sep 6, 2016 at 17:57
  • I would ask why the data is required and what it will be used for - you may be able to find a better solution that gives the same output - If you're the designer then you should do the designing. The requirement should have been to solve the problem of requiring the data - not specifying that something on the UI needs to be changed. Commented Sep 7, 2016 at 7:25
  • you have a very good point, the requirement is that the user has some way of knowing which organizations the users are associated with Commented Sep 7, 2016 at 15:05

2 Answers 2

Reset to default
1

I am not sure if I have understood your question correctly, but I built a user interface that dealt with a similar issue, which was to allow specific users access to a specific feature.

My UI gave access to the system on three levels:

  1. to internal users
  2. to every user in an external organisation (global setting)
  3. to individual users in an external organisation

Once you had added an organisation, you could then add individual users within that organisation, and then give them access to that specific feature.

Step 1 was to select the feature you wanted to give them access to, and step 2 was to select the users, organisations, or individuals within organisations to give permission to access the feature.

feature selector

If you wanted to give users access to several features, you would have to start with the specific user and then give them access to multiple features.

The easiest way to do this is to set up a role (such as "editor", "administrator", "Contributor") and then give multiple users access to that role. (This is how LDAP is structured, so it is fairly easy to implement.)

users and roles

If you can identify the workflow of what it is you want to do, and how to make it easier to administer once the system is set up, then it's easier to design the system.

Improve this answer
1

This sounds like an X-Y problem. You're not explicitly stating it, but it's implied this interface is to assign permissions to groups of people, rather than assigning permissions to each individual.

Because individual assignings would result in lots of double work. Assigning them to a selection reduces that by a lot. But you would still have to manually select users every time you use the interface, which is also creating double work.

So, create groups, and put people in them. Then assign permissions to them. Yvonne mentions roles, which are a specific kind of group. It'd be pretty easy to hardcode, and if that solves your problem, great!

But sometimes you need to be more flexible in selecting groups of people. For example by store location & role & product range. For example Chicago, Sales, Electronics. Then you need to come up with your own kind of taxonomy. This could be a simple top-down structure like:

enter image description here

But it can also be a more tag-like system, where you have to be in all 3 groups to have access to Chicago electronics' sales figures. Sort of like a venn diagram.

You can of course combine various methods, for example a simple role schematic (employee/manager/director/admin) combined with tags to allow people to view just their own data, to edit their own data, to access all databases from a given location, or give all-access.

I'm not going into details because A; I don't have enough info, and B; going from individual selection to groups is a pretty broad change of direction instead of tweaking a specific system.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.