It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Guidelines | FAQ
Follow this question
Question details

×10,946

question asked: Jul 05 '10, 8:29 a.m.
question was seen: 4,006 times
last updated: Jul 05 '10, 8:29 a.m.

Related questions

Project-level Access Control: What does "Everyone"

0
SimonP T (7676) | asked Jul 05 '10, 8:29 a.m.
Hi All,

When we create a project there are several levels of project-level access control. One of which is "Everyone". The others include "Members of..." or "Admins only".

I anticipated that if I wanted to grant View-only access to a Project Area for a large user base and Right-access to a much smaller user base that I would do the following:

1. Set Project Access = Everyone

2. Assign membership to those with need of Right-access; each being granted the Jazz Users:Quality Manager Permission:Licence combination

3. Grant Jazz Users: Viewer Permission:Licence combination to those that need View-only access

However, as most will appreciate, RQM will not allow any access to the Project Area unless they are a "member". By access I mean either

a. the same navigable UI (around a project area) a member sees and/or;

b. access to a shared dashboard

I would therefore like to clarify the purpose of "Everyone".

There are other forms of "access" i.e.: Feeds, Dashboard queries which can be inserted into a Dashboard (as long as the user is a member of *a* project area). Could this be what "Everyone" means- a certain level of interaction with another project area but *not* from the perspective of a "member".

Just to note, there is nothing in the Infocentre about this (which I can find).

Regards, Simon

2 answers

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Patrick Van Zandt (1.2k1) | answered Jul 05 '10, 5:32 p.m.
JAZZ DEVELOPER
Users must be explicitly added to a project if they are to participate in the activities of the project.
--RQM IC: "Adding users to a project"
The Everyone role applies to all users on the server, not only the ones associated with a particular project area. If you need to restrict users from performing certain operations, you must disable that operation from the Everyone (default) role and enable it for a specific role. You would modify the roles on the Permissions tab and specify exactly which operations each role is capable of performing in the project area.
--RQM IC: "Permissions and roles"
All operations in Rational Quality Manager are defined as project-level operations. This means that users must be members of a project area in order to participate in the operations of that project.
--RQM IC: "Permissions and roles"

I agree that there is some ambiguity here, especially between the second and third quotes above.

In your case, you clearly don't want the give the large user base priveleges to "participate in the operations of the project"; you just want to give them read-only access.

As far as I know, you will need to add all the users as "members" if you want the project area to show up in their list of projects at /jazz/web/console.

Are others aware of a better solution?

@simonpants it would be worth also asking this in the Jazz Foundation forum, as this is really more of foundation question than an RQM question.
0
permanent link
SimonP T (7676) | answered Jul 06 '10, 11:17 a.m.
Hi Patrick,

I understand your comment regarding Jazz Foundation. As far as know, this is specific to product. RTC behaves the way in which you would expect i.e.: you can open a project up to be read-only without needing to be a member of it.

I am going to push this through support and see if there's a Defect/Enhancement tracking this.

There are other solutions: TN0013 talks of defining a list of non-secure URLs to grant access to non-registered users. Much in the same way Jazz.net operates.

I still feel that RQM and RTC should operate consistently

Cheers, Simon

Users must be explicitly added to a project if they are to participate in the activities of the project.
--RQM IC: "Adding users to a project"
The Everyone role applies to all users on the server, not only the ones associated with a particular project area. If you need to restrict users from performing certain operations, you must disable that operation from the Everyone (default) role and enable it for a specific role. You would modify the roles on the Permissions tab and specify exactly which operations each role is capable of performing in the project area.
--RQM IC: "Permissions and roles"
All operations in Rational Quality Manager are defined as project-level operations. This means that users must be members of a project area in order to participate in the operations of that project.
--RQM IC: "Permissions and roles"

I agree that there is some ambiguity here, especially between the second and third quotes above.

In your case, you clearly don't want the give the large user base priveleges to "participate in the operations of the project"; you just want to give them read-only access.

As far as I know, you will need to add all the users as "members" if you want the project area to show up in their list of projects at /jazz/web/console.

Are others aware of a better solution?

@simonpants it would be worth also asking this in the Jazz Foundation forum, as this is really more of foundation question than an RQM question.

Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.