Project

General

Profile

permissions of multiple roles

Added by Adnan Topçu about 11 years ago

Hello dear members,

I have created and configured following roles:
  1. Read Only : view all issues.
  2. Staff : edit assigned issues.

When an user in the only one of above roles there is no problem. But if an user has both roles, he/she can edit all issues in that project. but this is not suitable for us.

Is this can be bug?
Is there a way to achieve my goal?

Environment:
Redmine version 2.2.1.stable
Ruby version 1.9.3 (x86_64-linux)
Rails version 3.2.11 <
Environment production
Database adapter Mysql2

Best Regards,
Adnan


Replies (9)

RE: permissions of multiple roles - Added by Terence Mill about 11 years ago

YOu cann edit all issues you can "view" (see issue visbility in role cfg) if you have the "edit issues" right.
If you wanna allow viewing but not editing for issues dependent if you are author or assignee you have to do that in "adavanced worflow" config by making the fields read only for all status changes

RE: permissions of multiple roles - Added by Mischa The Evil about 11 years ago

Adnan Topçu wrote:

[...] But if an user has both roles, he/she can edit all issues in that project. but this is not suitable for us.

Is this can be bug?

Adnan, AFAIK that is the intended behavior. If a user has multiple roles on a project, his permissions on that project are equal to the highest granted from all given roles.
I remember reading something about this a long time ago. Did some searching but couldn't find any source to support this statement.

HTH. Mischa.

RE: permissions of multiple roles - Added by Adnan Topçu about 11 years ago

Mischa The Evil wrote:

If a user has multiple roles on a project, his permissions on that project are equal to the highest granted from all given roles.
HTH. Mischa.

Thank you for feedback.

This is the expected. But I think current situation is not this.
One role give to the user "view all issue without the edit" permission.
other role give to the user "update assigned issues".
But result is "update all issues".

Terence Mill,
If I understand as correct, Workflow does not help. because additional sections of author and assigne does not exist in "Fields Permissions" tab.

Regards,
Adnan

RE: permissions of multiple roles - Added by Terence Mill about 11 years ago

Terence Mill,
If I understand as correct, Workflow does not help. because additional sections of author and assigne does not exist in "Fields Permissions" tab.

Not in the permission view, but in the worflows view where you can set read/write permission based on author or assignee role. Check the extended workflow cfg, as i said.

RE: permissions of multiple roles - Added by Adnan Topçu about 11 years ago

Extended workflow.
I will check.
Thanks.

RE: permissions of multiple roles - Added by Adnan Topçu about 11 years ago

How can I access extended or advanced workflow cfg? Is it a plugin?

RE: permissions of multiple roles - Added by Adnan Topçu about 11 years ago

Dear Terence Mill,
Can you provide more information about to "extended workflow cfg" or something like this. I could not find.

Terence Mill wrote:

Terence Mill,
If I understand as correct, Workflow does not help. because additional sections of author and assigne does not exist in "Fields Permissions" tab.

Not in the permission view, but in the worflows view where you can set read/write permission based on author or assignee role. Check the extended workflow cfg, as i said.

Regards,

RE: permissions of multiple roles - Added by Terence Mill about 11 years ago

Since redmine 2.1
See status transition bottom for asiggne and author and worflows field permission..
http://www.redmine.org/attachments/8217

RE: permissions of multiple roles - Added by Adnan Topçu about 11 years ago

Okay, status transition has asiggne and author spesific configuration. but this only one field. other fields are in "Field Permissions" tab and asiggne and author spesific permissions not available in there.

I believe that is a bug.

Terence Mill wrote:

Since redmine 2.1
See status transition bottom for asiggne and author and worflows field permission..
http://www.redmine.org/attachments/8217

    (1-9/9)