How to restrict WI visibility to teams but also allow a special group read only access to all WI
Environment: RTC 6.0.2
I have a requirement for read only access which I am not sure how to implement. Can you restrict visibility of work items to specific teams but also allow an overseeing team of users read only access to all work items, including those restricted work items? When I tested restricting visibility via categories, it really did restrict visibility to JUST those teams and their child team areas. Noone else. Period.
We can't give JazzAdmins permission to that overseeing team and we also can't override the work item visibility of the work items among the rest of the teams. (Those teams need to be able to see their own work items, but not the work items of other teams.)
Is this possible? We are happy to write plugins or customize if there is a way to do this.
|
Accepted answer
Ralph Schoon (63.6k●3●36●46)
| answered Mar 06 '17, 3:14 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Ian,
this is possible, however, there is no automation available. You can use the restricted access attribute as described in https://rsjazz.wordpress.com/2016/02/02/setting-access-control-permissions-for-work-items/ and set it to an access group that allows the access you want.
Note, there is no "read only" access. You have access to a work item and then permissions for operations.
Ian Wark selected this answer as the correct answer
Comments To set the restricted access attribute you could use a JavaScript default value or a follow up action.
Ian Wark
commented Mar 06 '17, 5:47 a.m.
Thanks for the feedback. I'm not sure the access group will allow us to control our access the way we need to, however. Here is our scenario:
Ian Wark
commented Mar 06 '17, 5:47 a.m.
In this scenario, if we put say members of TeamA and TeamC in an access group, then TeamB will not be able to see TeamA work items. And if we put TeamB and TeamC in an access group, then neither TeamB nor TeamC can see TeamA work items. I can't think of a way to divide up to meet our requirement.
1
You can either use the built in restriction based on categories, or you use access groups.
If you use categories, your requirement above is only doable by assigning users that shall be able to see all work items to team C and to team F. Which, by the way, would be the simlest way to achieve your requirement.
If you use access groups the nesting/structure does not matter. You assign an access group to a work item. The access group specifies which users or teams can see the work item. Note, you need some kind of custom automation to set the access groups, or you would always have to do it manually.
Groups:
AccessA add TeamArea A,B,C,F
AccessAB add TeamArea B,C,F
AccessABC add TeamArea C,F
AccessD add TeamArea D,E,C,F
AccessDE add TeamArea E,C,F
AccessDEF add TeamArea C,F
Work items for team area A get assigned AccessA, for Team B AccessAB and so forth.
|
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.