permissions & access control question
Have a user that belongs to Bluegroups "User" only.
The same user is added to a Team Area as a role "Tester", but this person can change their role in RQM to anything they wish. Access control is set to "everyone" which I believe relates to read only access.
Why can this user change their own role to one with greater permissions?
The same user is added to a Team Area as a role "Tester", but this person can change their role in RQM to anything they wish. Access control is set to "everyone" which I believe relates to read only access.
Why can this user change their own role to one with greater permissions?
3 answers
Have a user that belongs to Bluegroups "User" only.
The same user is added to a Team Area as a role "Tester", but this person can change their role in RQM to anything they wish. Access control is set to "everyone" which I believe relates to read only access.
Why can this user change their own role to one with greater permissions?
Out of the box, the roles / permissions are unrestricted - the system administrator needs to go into the permissions and setup who can do what via the 2.0 web interface or via the RTC client interface.
Ive done that for the Tester role. Is there a particular option which controls this?
This project is linked to a project in RTC where this particular user has Admin authority. Could these be affecting permissions in RQM? Why does this user even have authority to go into "Admin" "Jazz Project Administration" in the first place?
Out of the box, the roles / permissions are unrestricted - the system administrator needs to go into the permissions and setup who can do what via the 2.0 web interface or via the RTC client interface.
This project is linked to a project in RTC where this particular user has Admin authority. Could these be affecting permissions in RQM? Why does this user even have authority to go into "Admin" "Jazz Project Administration" in the first place?
Have a user that belongs to Bluegroups "User" only.
The same user is added to a Team Area as a role "Tester", but this person can change their role in RQM to anything they wish. Access control is set to "everyone" which I believe relates to read only access.
Why can this user change their own role to one with greater permissions?
Out of the box, the roles / permissions are unrestricted - the system administrator needs to go into the permissions and setup who can do what via the 2.0 web interface or via the RTC client interface.
Hi John,
The only users who will be able to modify Roles are those that have the "JazzAdmins" repository permission. When a user is assigned the "JazzUsers" repository permission without JazzAdmin, the Admin menu will not even appear.
Keep in mind that you need to log out and log back in after making permissions changes for them to take affect.
Regards,
John
Out of the box, the roles / permissions are unrestricted - the system administrator needs to go into the permissions and setup who can do what via the 2.0 web interface or via the RTC client interface.
The only users who will be able to modify Roles are those that have the "JazzAdmins" repository permission. When a user is assigned the "JazzUsers" repository permission without JazzAdmin, the Admin menu will not even appear.
Keep in mind that you need to log out and log back in after making permissions changes for them to take affect.
Regards,
John
Ive done that for the Tester role. Is there a particular option which controls this?
This project is linked to a project in RTC where this particular user has Admin authority. Could these be affecting permissions in RQM? Why does this user even have authority to go into "Admin" "Jazz Project Administration" in the first place?
Have a user that belongs to Bluegroups "User" only.
The same user is added to a Team Area as a role "Tester", but this person can change their role in RQM to anything they wish. Access control is set to "everyone" which I believe relates to read only access.
Why can this user change their own role to one with greater permissions?
Out of the box, the roles / permissions are unrestricted - the system administrator needs to go into the permissions and setup who can do what via the 2.0 web interface or via the RTC client interface.