/
🏞️ UX Spec: Access Controls
  • In progress

    • 🏞️ UX Spec: Access Controls

    Owned by Matt Birtch
    Last updated: Oct 11, 2024
    5 min read

    Resources

    With the addition of Multi-bot capabilities, we now propose access controls to be available for each bot. Providing access control at the bot level gives admins flexibility to restrict certain LLMs to certain groups of users or specified channels.

    Bot access

    The way we’re thinking about access controls is that each bot can play different ‘roles’:

    Channel access: Bots can use the context of a channel they’re allowed to access and provide expert assistance on that channel to end users. Admins can enable or disable this role for each bot.

    User access: The bot can look across only messages the user has access to, in order to provide assistance or answers to questions from sources across the workspace. The bot will only share those answers personally with that user and no one else. Admins can enable or disable this role for each bot.

    image-20241011-140510.png

     

    Channel access options

    Admins can decide which channels the bot (and its associated LLM) has access to. They can choose to allow for all channels, allow for selected channels, block selected channels, or block all channels.

    Allow access to all channels (default)

    Allow for all channels is the initial default when a bot is created.

    image-20241011-140636.png

    Allowing for specific channels

    When the Allow for selected channels radio button is selected, a text area is revealed below the radio group where admins can enter and select individual channels, or Teams.

     

    When you click in the field and start typing, an autocomplete menu displays with options that narrow down as you type.

    When an item is selected from the autocomplete list, a chip is added to the text area. Chips can be removed by clicking the x icon on the right side of the chip.

    Blocking access to content from selected channels

    When the Block selected channels radio button is selected, a text area is revealed below where admins can enter and select individual channels or entire Teams.

    This field behaves the same as the allow text area above with the autocomplete and chip interactions.

    User access options

    Admins can also decide which users can have access. They can choose to allow all users, allow selected users, or block selected users.

    Allow for all users (default)

    Allowing only selected users

    When the Allow selected users radio button is selected, a textarea reveals below the radio group where admins can enter and select individual users, LDAP groups, or entire Teams.

    NOTE: custom users groups are currently not allowed since there are no permission controls on user groups right now.

    When users start typing in the text field, the autocomplete menu displays and narrow down as you type. This menu includes individual users, groups and Teams. This behavior is much the same as the channel access options above.

    When users are selected, chips are added to the field.

    Chips can be removed by clicking the x icon on the right side of the chip.

    Blocking selected users

    When the Block selected users radio button is selected, a text area is revealed below where admins can enter and select individual users, custom user groups, LDAP groups, or entire Teams.

    This field behaves the same as the allow text area above with the autocomplete and chip interactions.

    Channel assistance for end users

    See UX Spec: Copilot Channel Assistance

    • When a channel only has one bot that can access it, the summarization menus do not show the dropdown for bot selection

    • When a channel has multiple bots that can access it, the summarization menus show the dropdown to select the bot - with the default bot preselected

    • When no bots have access to a channel, the sparkle button and ‘ask ai’ buttons do not show in the channel header or new message line respectively.

    User access to bots in the Copilot RHS

    • When a user has been given access to one bot, the dropdown will not show to choose other bots. They will simple use the one configured bot always.

    • When a user has been given access to multiple bots, they will see the dropdown to select the active bots with the default bot preselected

    • When a user has no access to any bots, they cannot use any of the copilot features. The sparkle buttons should be hidden from them and the copilot RHS will not be interactive (see below), but will show a ‘you don’t have permission' screen.

     

    Related content

    UX Spec: Copilot Channel Assistance
    UX Spec: Copilot Channel Assistance
    Fast Futures
    More like this
    UX Spec: AI Copilot Multi-Bot
    UX Spec: AI Copilot Multi-Bot
    Fast Futures
    More like this
    Design Spec - Channel Moderation Settings
    Design Spec - Channel Moderation Settings
    Enterprise
    More like this
    What we've heard from customers
    What we've heard from customers
    Fast Futures
    More like this
    Tech Spec - Channel Moderation Settings
    Tech Spec - Channel Moderation Settings
    Enterprise
    More like this
    EE: Channel Moderation Settings
    EE: Channel Moderation Settings
    Enterprise
    More like this