It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Guidelines | FAQ
Follow this question
Question details

×10,950

question asked: Sep 07 '09, 10:08 a.m.
question was seen: 4,398 times
last updated: Sep 07 '09, 10:08 a.m.

Related questions

permissions & access control question

0
John Matthews (2263932) | asked Sep 07 '09, 10:08 a.m.
Have a user that belongs to Bluegroups "User" only.
The same user is added to a Team Area as a role "Tester", but this person can change their role in RQM to anything they wish. Access control is set to "everyone" which I believe relates to read only access.

Why can this user change their own role to one with greater permissions?

3 answers

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Karen Steele (1.2k2139148) | answered Sep 08 '09, 9:20 a.m.
Have a user that belongs to Bluegroups "User" only.
The same user is added to a Team Area as a role "Tester", but this person can change their role in RQM to anything they wish. Access control is set to "everyone" which I believe relates to read only access.

Why can this user change their own role to one with greater permissions?


Out of the box, the roles / permissions are unrestricted - the system administrator needs to go into the permissions and setup who can do what via the 2.0 web interface or via the RTC client interface.
0
permanent link
John Matthews (2263932) | answered Sep 08 '09, 10:32 a.m.
Ive done that for the Tester role. Is there a particular option which controls this?

This project is linked to a project in RTC where this particular user has Admin authority. Could these be affecting permissions in RQM? Why does this user even have authority to go into "Admin" "Jazz Project Administration" in the first place?

Have a user that belongs to Bluegroups "User" only.
The same user is added to a Team Area as a role "Tester", but this person can change their role in RQM to anything they wish. Access control is set to "everyone" which I believe relates to read only access.

Why can this user change their own role to one with greater permissions?


Out of the box, the roles / permissions are unrestricted - the system administrator needs to go into the permissions and setup who can do what via the 2.0 web interface or via the RTC client interface.
0
permanent link
John Nason (2.4k1012) | answered Sep 08 '09, 5:23 p.m.
FORUM MODERATOR / JAZZ DEVELOPER
Hi John,
The only users who will be able to modify Roles are those that have the "JazzAdmins" repository permission. When a user is assigned the "JazzUsers" repository permission without JazzAdmin, the Admin menu will not even appear.
Keep in mind that you need to log out and log back in after making permissions changes for them to take affect.

Regards,
John

Ive done that for the Tester role. Is there a particular option which controls this?

This project is linked to a project in RTC where this particular user has Admin authority. Could these be affecting permissions in RQM? Why does this user even have authority to go into "Admin" "Jazz Project Administration" in the first place?

Have a user that belongs to Bluegroups "User" only.
The same user is added to a Team Area as a role "Tester", but this person can change their role in RQM to anything they wish. Access control is set to "everyone" which I believe relates to read only access.

Why can this user change their own role to one with greater permissions?


Out of the box, the roles / permissions are unrestricted - the system administrator needs to go into the permissions and setup who can do what via the 2.0 web interface or via the RTC client interface.

Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.