Defect #16661

Different users sharing same role have rights in projects in which user is not a member

Added by Lajish Lakshmanan over 3 years ago. Updated over 3 years ago.

Status:NewStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Administration
Target version:-
Resolution: Affected version:

Description

Since different projects have different project managers and development managers. Providing admin rights to such users create confusion and a threat to redmine integrity.

In my organisation, we are using Redmine for different projects, so different users can have same role. Due to this an user in one project get same rights as that of other user in another project. Somehow I can manage this situation by making project as private but there is a need to see issues of other projects in order to get information from those trackers.

Don't we need a logic for assigning roles permissions based on project instead of globally. Here Administrator should be able to set Roles permission in project itself and of course local admin for each project.


Related issues

Related to Redmine - Feature #850: Per-project role permissions New 2008-03-14
Duplicated by Redmine - Defect #17213: A redmine user can raise/create a tracker even though he/... Closed

History

#1 Updated by Martin Denizet (redmine.org team member) over 3 years ago

As discussed is this forum thread, the current Permissions/Roles/Groups allow to do that.
In Redmine Administrator has a global meaning. You can create a "Project Administrator" role with all permissions and give it to users on a per project basis.

#2 Updated by Lajish Lakshmanan over 3 years ago

Martin Denizet wrote:

As discussed is this forum thread, the current Permissions/Roles/Groups allow to do that.
In Redmine Administrator has a global meaning. You can create a "Project Administrator" role with all permissions and give it to users on a per project basis.

Hi Martin,
You are right, there should be some granularity for assigning permissions for roles on project basis instead of global basis.
But in my organization, we have a group of developers and testers in which different users work in different projects. Sometimes circumstance arouse when 1-2 developers or testers are borrowed for some man hours to other projects based on specific requirement. At this time, it is not possible to manage their rights on basis of project. Moreover it is not possible to create a too many groups such as Developer1, Developer2....and so on. I think you can understand my situation.

#3 Updated by Toshi MARUYAMA over 3 years ago

  • Related to Feature #850: Per-project role permissions added

#4 Updated by Toshi MARUYAMA over 3 years ago

  • Duplicated by Defect #17213: A redmine user can raise/create a tracker even though he/she is not a member of project added

Also available in: Atom PDF