GSuite integration with Mozilla IAM - release notes


(Vioia) #1

This is a short update on the latest feature the IAM team released, which improves the collaboration on google drive docs between employees and community. In other words, both employees and volunteers that are part of a group in mozillians are able to access the team drive of that group.

How does it work:
In order to identify what google account a volunteer is using, we allow users to verify their google accounts in their mozillians profiles. Instructions on how to do that can be found here. Users can verify various google accounts and they will be able to access a group team drive with any of those google accounts. As employee accounts are google accounts, they will be granted access to team resources by default.
After you join a group in mozillians, you will get access to the team drive of that group in google drive. Same goes for access revocation: after you leave a group in mozillians, you will lose access to the team drive of that group, but the files that you created will remain.
A user is able to move files from their drive to team drive, by drag and drop the file in the specific team drive folder. Note that this works only for the files that the user created, and not for the files that were shared with the user.

Limitations:

  1. Each member of a group has full access to edit all the documents from the team drive. That’s how the integration with google works by design. If there is need to change user permissions on a document, we will try to fix it on a per case basis.
  2. Users are not allowed to move files to different folders / team drive.
  3. File deletion is currently not available, but it is in our scope to allow it in the next period.
  4. Group names are currently not looking great in team drive (with “prod_mozilliansorg_” prefix), but we will work on updating them in Q1/18.
  5. Group themes (e.g. the header picture) cannot be changed currently.

If you would like to request a team drive for a group in mozillians, you should file a bug in bugzilla, with the link to the mozillians group.

Example:
Mozillians.org group: “open innovation + reps council”

Group team drive:


GSuite integration with Mozilla IAM (cross post)
(Terahn Yearns) #2

Thanks sir. Excellent progress!


(Terahn Yearns) #3

Apologies, I mistakenly saved the discourse alias as Henrik’s personal address. Excellent work Viorela!!


(Daniele Scasciafratte) #4

It works, also wait less of 10 minutes for association of folders after adding the new identity provider :slight_smile:


(Henrik Mitsch) #6

This limitation has been removed last week. :tada:

Thank you @akrug!

PS: @vioia might you want to edit/update the article above?