Talent management is extremely important to us at Man Group. We do our best to nurture our employees’ development at every opportunity. Receiving feedback is a crucial part of gaining the self-awareness necessary to direct our careers toward our aspirations.
Getting meaningful feedback can be difficult: colleagues can feel uncomfortable delivering necessary but unwelcome truths, collecting feedback from multiple parts of the business can be onerous, and analysing the resultant data is not straightforward. Adaero, [Latin for “Appraise”], enables employees to anonymously enter feedback about their colleagues as part of an initiative to improve an organisations feedback culture.
We found that off-the-shelf tools weren’t cutting it, and so we built our own solution - and as active contributors to the open source community have made it openly available for use by others.
- Read our tech blog for further details on what we've achieved with this tool and why we made the design decision we did.
- HR or Talent Professionals looking for further details on how the tool works should read our User Guide
The following steps were run on a minimal install of Ubuntu LTS 18.04.4
-
Ensure you have the pre-requisites installed
sudo apt install docker.io python3 python3-pip curl sudo curl -L "https://github.com/docker/compose/releases/download/1.25.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose
-
Build and Run the application on local Docker
cd frontend sudo docker build -t adaero-dev-frontend . cd .. sudo docker build -t adaero-app . cd docker/dev docker-compose up -d
-
Setup a dummy template, 3 question and period data to carry out a feedback cycle.
cd ../.. sudo pip3 install -e . sudo pip3 install pytest faker freezegun webtest mock python3 tests/scripts/configure_db.py --config host_example.ini add-test-periods
-
Once fully started, open http://localhost:4200. The table below shows the users and their role within the app. Source is
docker/shared/ldif/01-data.ldif
Username Password Role alovelace password Employee, managed by dthomas bsmith password Employee, managed by dthomas cdalton password Employee, managed by dthomas dthomas password Employee, managed by eforshaw eforshaw password Manager, Talent Manager -
Login as
eforshaw
. The "Talent Manager Panel" option should be available on the left. Select that, and scroll down to "Generate population CSV template". Enter into the textbox "Engineering" (corresponds too
in the LDIF file) and click "Generate and download". This is a CSV view of relevant information in LDAP required to build a population. -
Scroll to the bottom and on the "Upload new population CSV" feature, upload the CSV. You can logout and login as the employees, and according to different phases, you can carry out a feedback cycle.
-
Use the following commands to change phases.
python3 tests/scripts/configure_db.py --config host_example.ini --subperiod enrollment adjust python3 tests/scripts/configure_db.py --config host_example.ini --subperiod entry adjust python3 tests/scripts/configure_db.py --config host_example.ini --subperiod approval adjust python3 tests/scripts/configure_db.py --config host_example.ini --subperiod review adjust
-
For a more comprehensive guide, please see the user guide
Follow http://docs.sqlalchemy.org/en/latest/core/engines.html#database-urls
Displayed in the frontend beside the logo. Useful for multi-tenant setups within larger companies.
If set, this will override the use of /etc/hostname
as the hostname
displayed in emails to the set string.
If set to true
, it will cause emails to be sent. This happens:
- When a talent manager uses the management panel to manually send them
- Automatically according to the email schedule if
adaero.run_email_interval_job
config value is set totrue
If these values match the what the application sees on the host, then this will enable:
- Loading of all user emails for the given business unit unless
adaero.load_user_email_list
is set, which then will only load the subset of the user emails in the list.
The datetimes set in the Period table are technically not UTC. Those times are coupled with this configured value, the location. The phase shift will occur when a particular datetime is passed at this configured location.
Here are the available choices:
- London
- New York
- Oxford
- Shanghai
- Hong Kong
- GBR
- Boston
- Pfäffikon
Set this to an array of strings containing the LDAP usernames of who you would like to be able to login with the talent manager role. e.g. ["eforshaw", "cdalton"]
This is normally set to False
as we now rely on talent managers uploading
the user hierarchy configuration CSV into the application.
In non-prod environments, we don't save emails within the User database. If this is set, we will save the emails of the following list of users identified by their LDAP username, allowing them to be emailed (if emailing is turned on). e.g. ["cdalton"]
A useful development flag for impersonation. This should be set to
false
in production.
If true
, run a job in the background that checks the email flags for
the current period and if not set, send out the relevant emails and set.
Normally the company name, that will be displayed in the frontend.
Email that will be displayed to users when they are denied access to the tool or there is an unexpected error.
Email that will be displayed to users that they receive from the automated notification system (notifications sent by email).
Help message for the login input to remind users what username to use.
Help message for the login input to remind users what password to use.
Help message for talent manager on how to populate the CSV that is to be uploaded.
Help message for talent manager on how to generate the population CSV.
URI to LDAP instnace
LDAP field name for what to bind to the username
User model variable.
Template used to generate the bind DN for a user. Refer to the example config.
LDAP field name for what to bind to the manager
User variable.
LDAP field name for what to bind to the location
User variable.
LDAP field name for what to bind to the uid
User variable.
LDAP field name for what to bind to the department
User variable.
LDAP field name for what to bind to the business_unit
User variable.
Bind DN which should have permissions to search for users.
Password for the search bind DN.
Base DN to perform the user search upon.
Attribute that the username is assigned to in a DN
Regex for extraction of a username from a DN
If the file exists in the assets folder on the backend, serve this up to the frontend.
This section will explain how the application is designed in terms of strucutures and processes, and some reasons why it is done this way.
We use:
- Backend - Pyramid
- Frontend - Angular
- Database - Agnostic due to use of SQLAlchemy library
The choices of these were simply because this was a hard requirement to match the internal technology stack at inception of the project.
The backend is a just an API service that also serves the productionised HTML/CSS/JS Angular frontend plus other static assets such as images.
Refer to below for why LDAP is only used for authentication and NOT authorization.
The available users in the feedback tool are statically generated and fixed until manually updated. This is desired despite having active access to the LDAP server. The reason for this is that during a feedback cycle, we do not want to have users entering or leaving the feedback cycle unintentionally, which would happen if we used LDAP as a source of truth.
On top of this, the reporting structure in LDAP doesn't necessarily match the real world, and may change temporarily due to transient staff issues. Putting the power into the talent manager's hands makes dealing with such situations easier, without required developer intervention.
Therefore, the process as is follows:
The CSV lists the relationships between staff member, therefore marking who is a staff member and who is a manager. This information is used for authorization.
Graph source are in the *.dot*
files. To regenerate graph PNGs.
- Install graphviz
- Run
dot -Tpng architecture.dot -o architecture.png dot -Tpng population.dot -o population.png