Restriction of Permissions
I want Clients to be able to report bugs, thus create BUG-workitems with their description, but I don't want them to see the further life-cycle of the bug once it has been assigned.
My plan was to create a User Role called Client who can only create bug-workitems, alter their description and add comments and but can do no further action.
Then I wanted to create some prefigured queries which show only those bugs created by Client-users and deny the permission to create new queries to those users.
Here's the problem: It actually worked the other way around; I could not get my client to save bugs he created and I could not restrict him from at least running queries, even if he cannot save them.
Do I have the correct approach or is there any other way to achieve my goal?
Thanks Marco
My plan was to create a User Role called Client who can only create bug-workitems, alter their description and add comments and but can do no further action.
Then I wanted to create some prefigured queries which show only those bugs created by Client-users and deny the permission to create new queries to those users.
Here's the problem: It actually worked the other way around; I could not get my client to save bugs he created and I could not restrict him from at least running queries, even if he cannot save them.
Do I have the correct approach or is there any other way to achieve my goal?
Thanks Marco
One answer
In general, you have fine grained control on write operations, but you
do not have fine-grained control on read operations. In particular,
read access for an object is determined by the read access defined on
the project area to which that object belongs. So there is no way to
modify read access based on any property of an object other than its
project area property.
Cheers,
Geoff
On 5/19/2010 12:08 PM, MarcoB wrote:
do not have fine-grained control on read operations. In particular,
read access for an object is determined by the read access defined on
the project area to which that object belongs. So there is no way to
modify read access based on any property of an object other than its
project area property.
Cheers,
Geoff
On 5/19/2010 12:08 PM, MarcoB wrote:
I want Clients to be able to report bugs, thus create BUG-workitems
with their description, but I don't want them to see the further
life-cycle of the bug once it has been assigned.
My plan was to create a User Role called Client who can only create
bug-workitems, alter their description and add comments and but can
do no further action.
Then I wanted to create some prefigured queries which show only those
bugs created by Client-users and deny the permission to create new
queries to those users.
Here's the problem: It actually worked the other way around; I could
not get my client to save bugs he created and I could not restrict
him from at least running queries, even if he cannot save them.
Do I have the correct approach or is there any other way to achieve my
goal?
Thanks Marco