Permission Controls not working for Defects
One answer
Don't forget to check the "Everyone" role, which always applies to everyone in the repository. If you say "Everyone" can do something, then it will really mean everyone can do it.
Comments
I should have mentioned that I have the everyone role not working properly either. All check boxes for the Everyone role are unchecked, yet a person assigned to the project without a role assigned is still able to perform actions that should not be allowed (i.e. create a work item).
Please read this carefully and check your configuration accordingly: https://jazz.net/library/article/291
As Jared points out, everyone has that everyone role. If you configured the Everyone role wrong you see exactly what you see now. You have to check on project and on team level. Your issue is probably on project or root team level in the Everyone role and there fore impacts you everywhere.
Ralph and Jared,
I appreciate the response, however, it seems my set-up is correct. For the Everyone role, I have only allowed them to create personal dashboards. With this being the case, I would not expect someone with the default role to be able to create a work item. Could this be because the license assigned is Quality Professional? Does that automatically grant the permission of creating a work item??
After reviewing a few other forums, I found that permissions can be set in not one, not two, NOT THREE but FOUR different places!! Project, Team, Iteration Types, and Timelines. The following forum discussion tipped me off to this: https://jazz.net/forum/questions/82317/why-dont-permissions-show-up-checked-in-the-web-ui
As already mentioned in my answer above, check https://jazz.net/library/article/291 and https://jazz.net/library/article/292 because it is similar for behavior. Behavior is even a bit more tricky, because the first behavior that is found is used.