Czesc,
1. Is anywhere available specification of roles permissions?
2. There is wrong way of determining who is allowed to do something I have
added one role and without any other modifications this role has access to
clock-in time, attaching files and many others. We should create a table
with roles and permissions. And keep it for everybody information.
I prefer one way permission. I mean if you have permision you get access.
I see in code that there is also denny. For example if you are manager you
cannot set administrator role. It should not be like this. If you are
administrator you are allowed to set administrator role. If you are
manager you are allowed to set : manager, viewer, reporter and some other
roles.
I prefer to explicitly define what roles can manager assign (not: every
role except administrator).
3. I want to create role 'customer'. He is able to :
- view issues, but not full view. Only overview, details, files.
- create issues (but different template. Only: category, priority,
summary, description, attach file, notification options)
- no other fuctions.
4. Roles per project would be nice, but it is too big architectural change
right now. .
Marcin Slusarczyk
| Thread |
|---|
| • roles and permissions | marcin.slusarczyk | 2 Mar |
