Skip to main content

Inherited access versus direct access

All Hyperproof work items have a facepile that allows for both inherited access and direct access to an object.

new-facepile.png

Overview

Facepile is Hyperproof's term for the area where users can view who has access to a particular object, such as a control. Depending on their permissions, users can add, remove, or change user roles. Work items can also be made private via the facepile.

Inherited access means that a user becomes a member of a work item by way of a parent object.

Direct access means that a user has been explicitly added to a work item, for example, a user is specifically added to a request, but not the audit.

Inherited access

Users inherit access to work items via a parent object. An example scenario might look like:

  • User X is a manager of control ID 1234.

  • An issue is created by another user and linked to control ID 1234.

  • Because User X is a member of the parent object—in this case the control—they gain contributor access to the issue.

To see how a user obtained inherited access, click the link next to the user’s email address.

inherited-parent.png

Direct access

A user who has been specifically added to a work item is considered to have direct access to the object. When added, they receive the role of contributor. A user with sufficient permissions can change the new user's role to manager via the facepile.