User Access Management, Source Code permission
We centrally manage user access for compliance reasons. With that being said, team membership is managed by an RTC Administrator.
As an RTC Administrator without being part of the project area or anywhere in its hierarchy (I removed my id as a team member or Project Administrator)
I can still:
Read the Source Code.
Write to the Source Code.
Make any changes to the project area I choose.
However, one of the few actions that I would really need to do is generate a team invitation after a user is added, bu this cannot be performed because I am not part of the Project or Team Area.
I do not need to work with source code for some projects but I do need to add users the project or team area. From our perspective this is not as secure as requiring the RTC Admin to have explicit source code permissions just like anyone else. While at the same time permitting the admin to add users and generate follow up actions (e.g. Inivitations)
As an RTC Administrator without being part of the project area or anywhere in its hierarchy (I removed my id as a team member or Project Administrator)
I can still:
Read the Source Code.
Write to the Source Code.
Make any changes to the project area I choose.
However, one of the few actions that I would really need to do is generate a team invitation after a user is added, bu this cannot be performed because I am not part of the Project or Team Area.
I do not need to work with source code for some projects but I do need to add users the project or team area. From our perspective this is not as secure as requiring the RTC Admin to have explicit source code permissions just like anyone else. While at the same time permitting the admin to add users and generate follow up actions (e.g. Inivitations)
One answer
This can actually be fixed by giving everyone the permission to send
invite email.
But I agree that the current situation is confusing ... why is there a
separate permission for sending out permission information? If you can
add members to a team/project area, I agree that you should always be
able to request that email be send out (I got bitten by the same problem
just last week ... I had permission to add people to my team area, but
didn't have permission to send out the invitations). I've submitted
work item 112429 to get this fixed.
Cheers,
Geoff
tdunnigan wrote:
invite email.
But I agree that the current situation is confusing ... why is there a
separate permission for sending out permission information? If you can
add members to a team/project area, I agree that you should always be
able to request that email be send out (I got bitten by the same problem
just last week ... I had permission to add people to my team area, but
didn't have permission to send out the invitations). I've submitted
work item 112429 to get this fixed.
Cheers,
Geoff
tdunnigan wrote:
We centrally manage user access for compliance reasons. With that
being said, team membership is managed by an RTC Administrator.
As an RTC Administrator without being part of the project area or
anywhere in its hierarchy (I removed my id as a team member or
Project Administrator)
I can still:
Read the Source Code.
Write to the Source Code.
Make any changes to the project area I choose.
However, one of the few actions that I would really need to do is
generate a team invitation after a user is added, bu this cannot be
performed because I am not part of the Project or Team Area.
I do not need to work with source code for some projects but I do need
to add users the project or team area. From our perspective this is
not as secure as requiring the RTC Admin to have explicit source code
permissions just like anyone else. While at the same time permitting
the admin to add users and generate follow up actions (e.g.
Inivitations)