Bryan Vogel
UX design leader with diverse experience delivering user-focused solutions
Permissions.png

Filevine User Access

Creating scalable user access on an existing product

Filevine User Access

Navigating the world of role and attribute-based access when permission already existed

The need for nuance

Filevine is a tool used by law firms to manage their projects. Each project represents a legal matter and involves multiple users. It's similar to sharing a file on a cloud storage platform.

As Filevine continues to expand, there’s a growing need for more nuanced access to projects. Law firms want to grant access to select parts of a project, such as billing, medical data, or documents. They also want to add or remove users depending on the phase of the project, such as discovery, litigation, or arbitration.

 

Where we started

Existing access had been tailored for specific user needs as the product scaled over time creating a peppered number of areas where access could be controlled. As a system admin, you could control different access on the Setup page, the Advanced page, or within projects.

Setup

System access settings

Advanced

Role creation

Projects

Project access & role assignment

Within the Setup > Orgs section, there’s an incredible level of automation that can be configured. Selecting a user allows for a system admin to setup automated project access and notification settings.

Existing Projects

Bulk changes to access & roles

New Projects

Auto-add a user to projects

Org Admin

Admin access

 

Making permissions feel familiar

When working on layered, risk-forward systems like permissions I like to come back to UX basics and ask: Does the user have the information they need to complete their task?

Products for workplace use should be thoughtfully designed to feel familiar to a majority of users, and hopefully will feel like a side kick rather than a road bump. We can get here by aligning to common patterns and blending them in with what our own users already know from our interface and brand.

This leads into an audit of how other products handle layered user access capabilities. Here are a few of the tools I referenced:

Domo

Jira

InVision

So much of this work is based on semantics. Does a user know what is meant by different terms used throughout the product? At this early stage of work, do we?

 

Getting on the same page

It’s easy to assume a project team is all on the same page, but it’s just as easy to all have a different ideas when a lot of the work is theoretical and cause big issues down the line. I like to define a common nomenclature that can be used as a source of truth. Here’s the terms we were using for our permissions work and how we defined them:

 

Member

A Member is an Individual accessing the system. A Member can be assigned to a Team or Teams to determine their Role and System access. If necessary, a Member can be added to a Role and assigned to a Project or Library.

Role

A Role determines what level of access a User is allowed to have within the System and assigns default permissions & reponsibilities on a Project or Library. Roles are a collection of Members who share the same job function or need the same level of access to a Project. Responsibility rank is pre-set within a Role, but can be adjusted per Project or Library. A Member can be part of more than one Role, and will be granted the highest level of access in any instance of conflicting permissions.

Team

A Team is a collection of Members, which can have any number of assigned Roles, that will be working on a Project or Library together. A Team can be assigned to one or many Projects or Libraries. A Team can be given additional or conflicting permissions on a Project or Library without affecting the System access granted by their Role.

Project

A Project is a single item to be completed. A Team can be assigned to a Project or Projects. Multiple Teams can be assigned to a Project. Individuals should be added to a Project sparingly.

Library

A Library is a curated collection of Projects. A Team can be assigned to a Library or Libraries. Multiple Teams can be assigned to a Library. Individuals should be added to a Library sparingly.

 

Once the terms were in place we could create a relationship map to visualize how the different pieces could work:

 
 
 

Stakeholder alignment

I like to sketch out designs on my iPad using Miro or a similar tool before recreating them in Figma as wire frames for stakeholder review and alignment. I admit I’m not an artist and like to move quickly through wire framing, so I’ll save all of our eyes and show the cleaned up Figma wires here.

A way to see all users

Teams as a way to groups users

Libraries as a way to group projects

Blend roles with project access

Granular access controls within roles

Bulk edit user roles

 

Testing, testing

Once I had the wires in a good spot, some color was added for user testing. I’ve found that wire frames with filler content can be distracting in testing, but adding a little contrast helps to keep the feedback more focused.

I tested these designs with clients ranging from 5 users to 400 users to see if the logic would be scalable. I also tested for usability with our implementations and data security teams to check adherence with regulations like HIPAA and CJIS.

I captured the sessions using Zoom recordings, note taking in Miro, and ultimately pulled all the content into Dovetail for analysis.

 

A fresh coat of pixels

Leveraging our design system I was able to quickly turn the designs into high fidelity screens to hand off to our development teams. As with most work, I sliced this down into consumable chunks that could be built and layered as we go. Here are a few visuals of the work:

Finding a flexible solution that will work for almost any size customer who uses this product, database limitations for near-instant updates and changes, and finding common terms that users relate to are an incredible challenge. These designs continue to be adjusted to meet the needs of technical feasibility and product priorities.

Breaking the work into pieces, listening to users, iteration & compromise are key to finding solutions on work of this scale.

 

Pivot!

While this work was on-going we had a need for allowing more access to our system admin controls. These designs expose some controls that allow users more capabilities to grant access without needing assistance but are also potentially risky.

Permissions are very high risk actions that can be destructive and costly. Making sure users have a clear, confident understanding of what an action will do is incredibly important.

In these designs I opted to give context to each possible permission and notate the options that were higher-risk or not allowed so a user would have a reasonable amount of information to utilize when making decisions.

I also took this opportunity to make sure this feature was looking good in all three themes in the design system!

 

This is a project I worked on while employed at Filevine.

 

Up next

JP Morgan Chase MyWorkplace Apps

How a mobile app became the ultimate pandemic companion

Take a look →