Article last updated on the 21th of October, 2021.
Contents
1. Introduction
In some cases, WorkPoint solutions need a disclaimer that specific users need to consent to before they are granted access to the data they are trying to access. In some cases, companies might want these kinds of disclaimers to be consented to on each visit. In other cases, consenting just once is enough. Regardless, WorkPoint can now restrict access to WorkPoint solutions or individual entity sites until the users have consented to a disclaimer, which is presented to them when attempting to enter such rooms.
The consent that any given user gives to the disclaimer presented to them is logged. This makes it easy to see who have given consent and when, if needed.
A case where this feature is useful is if a company works frequently with documents which contain sensible data and/or otherwise data that under no circumstances can be shared with unauthorized people. They also often collaborate with external partners, and they therefore use this feature to present external partners with a disclaimer which lets the partners know that they must under no circumstances share documents with anyone outside the company. The consent that the partner gives is logged, so that relevant administrators can see if consent has been given, should any disputes rise.
Please note that you can only enable either Global disclaimer settings or disclaimer settings on specific business modules. These two setups are mutually exclusive, and the global disclaimer settings take priority.
You cannot enable the Business Module scoped Disclaimer Consent settings if Global scoped settings are enabled.
If you have Business Module scope Disclaimer Consent enabled, and you enable the Global scope Disclaimer Consent, the Business Module scoped settings will be disabled.
2. Requirements
This is an additional feature. If you want this feature for your solution, please contact WorkPoint Sales by email at sales@workpoint.dk for more information. Note that this feature is only available for solutions using the Modern UI, and only for the browser version of WorkPoint.
3. Configuration
3.1. Global disclaimer configuration
The Global Disclaimer settings can be used to set up a disclaimer which activates when users access the WorkPoint solution.
You can access these settings in the global settings in the WorkPoint Administration:
- In the left side menu of the WorkPoint Administration, click "Global Disclaimer".
This opens the Global Disclaimer Settings page:
- This checker sets whether the global disclaimer is enabled or disabled.
- In the "Disclaimer Consent Scope" setting, you can specify who should be presented with the disclaimer upon entering the WorkPoint solution. The options are:
- Specific Users And Groups: An extra field appears, letting you input specific users and/or groups who will then be presented with the disclaimer text.
- External Users Only: Only external users will be presented with the disclaimer text. No further specification is needed (discount pt. 4).
- All Users: All users will be presented with the disclaimer text. No further specification is needed (discount pt. 4).
- Select one or more persons or groups that should be presented with the disclaimer, and whom also needs to consent before access is granted.
- From the Acceptance Type menu, you can choose whether the target audience needs to consent to the agreement just once, or once per session.
- In the "Insert Full Url" field in the "Disclaimer Document" section, provide the full URL to the document which has the text that should be displayed in the disclaimer. A good practice is to store this document in e.g. the Site Assets library of the root site. This is because all users have Read access to this library by default, and so they will be able to see the document, but not edit it. Supported document types are .docx, .pptx, and .pdf.
- Click the "Save" button to save the settings.
- The "Refresh cache" button can be used to refresh the memberships of groups selectable as target audience for the global disclaimer. WorkPoint caches the members of groups in order to improve performance. If a group is selected as target audience for a global disclaimer, and a new person is later added to the group, that user may not be presented with the disclaimer upon entering the WorkPoint solution. This is because that user may now be a member of the cached version of the group. Refreshing the cache will update the cached groups personnel, and the new user will then correctly be presented with the disclaimer.
- Clicking the "Clear consent list" button will clear the list of who have previously consented to the disclaimer. This is useful e.g. if the disclaimer has changed, and people need to consent to the new disclaimer.
The list of consents given is a hidden list on the root site of the solution, which you can find by going to the following URL (remember to substitute your data into the URL):
https://[TENANT-NAME].sharepoint.com/sites/[WORKPOINT-SITE-NAME]/Lists/DisclaimerConsents/
An example of a complete URL with a Tenant name of "workpoint365test" and a site name of "anm0014" would look like this:
https://workpoint365test.sharepoint.com/sites/anm0014/Lists/DisclaimerConsents/
The following image shows the consent list where a user called "Edward Dean" has consented to a disclaimer:
3.2. Entity site disclaimer configuration
User Disclaimer can be set up individually on each business modules. This is done through the WorkPoint 365 Administration, which can be accessed by following these steps:
- Click the Home button of the solution
- Enter the WorkPoint 365 Administration by clicking the cog-icon at the bottom of the menu
From the WorkPoint 365 Administration you can enter the Disclaimer Consent Settings by clicking the header of the business module for which you want to set up the settings for user disclaimers and clicking “Disclaimer Consent Settings from the menu. Follow these steps:
- Click the header of the business module
- Click “Disclaimer Consent Settings from the menu
The interface of the Disclaimer Consent Settings interface provides all the options one needs in order to set up what the users should be presented with upon visit. Depending on what you choose as “Type”, different options are available from there on.
- Check the “Enabled” checker if the user should consent to some agreement upon visiting the site
- Select the scope of the disclaimer settings. This determines who will be presented with the disclaimer text. The options are:
- Specific Users And Groups: An extra field appears, letting you input specific users and/or groups who will then be presented with the disclaimer text.
- External Users Only: Only external users will be presented with the disclaimer text. No further specification is needed.
- All Users: All users will be presented with the disclaimer text. No further specification is needed.
- Select a person or a group that should be presented with the disclaimer, and whom also needs to consent before access is granted.
- From the Acceptance Type menu, you can choose whether the target audience needs to consent to the agreement just once, or once per session.
- For “Type”, choose the type of setup you want to use for the disclaimer document. Depending on the type chosen, additional fields appear for the administrator to fill in (points 19 through 21). Supported document types are .docx, .pptx, and .pdf.
a. Entity List
Entity List grant you the ability to select a document from the entity site based on field values. The system goes to the specified Library (19), you choose a field for the system to look for (20) and type in a value (21). If the system finds a document under a field which matches the value specified, that document will be displayed as the disclaimer document.
b. Calm Query
If you choose a type of Calm Query the administrator can input a query to be executed to fetch the document from a specified library.
c. Absolute URL
If “Absolute URL” is chosen, the administrator can insert a full URL to the document that he wishes should be displayed as the consent document. Further, the administrator needs to input the full URL to the site that holds the document.
- Clicking “Save” will finalize the setup, and the specified user(s) will now be presented with the specified consent document which will need to be consented to before they are granted access to the site.
Whenever a person has accepted a disclaimer and entered a site, this acceptance is logged in a hidden list on the site. You can access this list by appending the site URL with "/lists/disclaimerconsents/". An example where our tenant name is "workpoint365test" and our site is located at "/anm0014_Projects2" would be:
https://workpoint365test.sharepoint.com/sites/anm0014_Projects2/lists/disclaimerconsents/
Entries of people who have accepted the disclaimer and entered the site look like the following:
4. End User Guide
Click here to go to the end user guide article for User Disclaimer.
5. Notes
Please note that if the end users use any other clients that accesses data from SharePoint using API’s, they will not be blocked. The disclaimer is not adding any changes/extra layers to the security model of SharePoint. If the users are passing direct links to document or is using the sharing feature of SharePoint this feature will also be bypassed.
Please note that you can only enable either Global disclaimer settings or disclaimer settings on specific business modules. These two setups are mutually exclusive, and the global disclaimer settings take priority.
Comments
0 comments
Article is closed for comments.