Roles and permissions
Overview
Global permissions and Project permissions
Task tracking
Permissions report
How to assign roles to users
Overview
Roles and permissions settings can be configured in Global menu >> Administration >> Roles and permissions. Here you can see the existing roles, you can delete them, create a new one and you can also see permissions report. You may edit the name of the role and set what can the user with this role see or do.
To create a new role, simply click on the "New role" button at the top right. By default, the permissions of the new role are the same as those of the non-member role.
You can drag and drop roles in the list, thus creating a hierarchy, which determines which role can delete any other from a project. For example, role A cannot delete a role B from a project if role B is above the role A in the hierarchy.
A special case is setting permissions for users who are not members of any projects. Permissions for these users are set in the role of Non-member, which is a system role that can not be deleted.
Global permissions and Project permissions
There are two types of permissions:
- Global - if the user is in this role in any project, he can perform these actions. These actions are valid throughout the system without binding to a single project.
- Project - only applied to actions in projects where the user is in this role.
Permissions are grouped by modules and plugins. Here I a brief summary of what which group contains.
Uncategorized
- Tasks can be assigned to this role: yes or no
- Tasks can be reassigned only to author: yes or no
- Tasks visibility: all/non-private tasks in user's projects or tasks created/watched/assigned to the user. The last option includes the user's direct subordinates as well (if defined by the organization structure)
- Spent time visibility: all entries or own entries only
- Users visibility: all or members of visible projects only
- Member management: which user roles can assign this particular user role to other users when adding or editing project members
- Default time spent activity: None or a selected one which will be preselected in spent time.
- Accounts visibility: all Accounts or Accounts meeting specific criteria only
- Opportunities visibility: all Opportunities in users projects, or Opportunities created by or watched by or assigned to the user
- Leads visibility: all Leads, or Leads assigned to user
- Leads Manageability: all Leads, or Leads assigned to user
- Partners visibility: all Partners, Partners created by or assigned to the user, Partners created by user, or Partners assigned to user
- Risks visibility: all Risks in users project, or Risks created or assiged to user
- Export templates visibility: all export templates or those created by the user only
Global permissions
- Project: you can allow the user to create projects, delete projects, edit projects, etc.
- Accounts: You can allow user to view, manage delete Accounts, etc.
- Agile Board: set who can view/manage global sprint and Scrum board
- Agile resources: set wh can view and manage Agile Resurce Management
- Alerts: set what may your user do with alerts
- Assets and Configurations: set what user may do withing this plugin.
- Attachments: set if user may view global attachments
- Attendance: you can control here, what may the user do with the attendance and also if he may see only his attendance or also attendance of other users
- CRM: set if the user may manage user targets in CRM
- Calendar: set if user can view calendar, view and manage meetings
- Easy GIT: set who can view and manage Easy GIT
- Easy Mautic: set if user recieve crm from mautic, viw and edit mautic settings
- Easy campaigns: set if user can view and manage campaigns
- Gantt: allow your user to view or edit Global Gantt & Calendar
- Help desk: allow managing Help desk
- Leads: allow user to view, manage and anonymize Leads
- Partners: allow user to view and manage Partners
- Payroll and invoicing sheet: allow your user to view payroll and invoicing sheets as well as internal/external rates
- Personal contacts: allow user to manage Persona Contact types
- Price books: allow user to view and edit Price books, and manage Price book quotes
- Resources: allow user to view, edit Global resources, etc.
- Risks: set if user can edit Risks dashboard
- Scrum boards: allow user to view and edit Scrum boards
- Short URLs: set if user may manage short URLs
- Spent time: allow your user to view spent time, personal entries, log time for other users or lock entries
- Stakeholders: allow user to view, manage or anonymize Stakeholders
- Task templates: allow user to view or manage Task templates
- Timesheets: allow the user to see timesheets
- To-Do: allow your user to use the to-do list in the upper menu
- Xapian search: Allow user to save default search settings, and see previousy clicked items.
- Others: contains permissions to edit Dashboards, edit profile , permissions regarding Easy Buttons and Export templates, etc
Project permissions
- Project: here you will find overall permissions of editing project in any way
- Attachments: set who can view attachments on a project
- Baselines: allow the user to view or manage Baselines of a project
- Budgets: permissions related to planned/real costs, incomes, expenses, and profit
- CRM: set if the user may see CRM cases and if he can manage them
- Calendar: set who can view calendar
- Checklists: set who can create and manage checklists
- DMS: permissions related to documents stored in DMS
- Documents: allow the user to view or manage documents
- Earned values: set who can view or edit values in Earned Value Management module on a project
- Easy sla events: set who can view and manage SLA events in Help desk
- Easy web hooks: set who can view and manage web hooks in Repository
- Files: set who can view and manage files on a project
- Gantt: allow user to view and edit Gantt on a project
- Help desk: allow the user to use the Help desk module on a project
- Kanban board: set who can view and edit Kanban board
- Mind Maps: set who can manage Mind Maps
- News: allow the user to view add and manage news module on a project
- Project scrum board: set who can view manage adn edit Project scrum board
- Quick project planning: allow the user to use quick project planning
- Repository: allow the user to view and manage repositories and details
- Resources: set who can view and edit Resources on a project
- Risks: set who can view, edit or manage, etc Risks on a project
- Spent time: allow the user to log time, edit time entries or manage project activities
- Task sequences: set who can design task sequences
- Task tracking: here you set everything that has to do with tasks, such as creation, deleting, editing, viewing, etc.
- Test Cases: permissions related to test cases, test plans, and test case executions
- WBS: set who can view WBS module on a project
- Wiki: set who can view, manage, etc Wiki on a project
Task Tracking
Here you can set in detail for each role, which actions regarding Tasks can be done under which Task type:
You will find a table like this:
By default All actions are selected for all Task types.
Permissions Report
On the Roles and permissions main page, in the sidebar in an option "Permissions report" where you can compare the permissions of the roles.
How to assign roles to users
You created roles and added permissions to them. We will now show you how to assign those roles to users.
Assign a role while you are adding members to a project.
Open selected project >> Project controls >> Members
Here, add a new member. You can choose the member, and what role OR roles he will have.
You will also be able to edit roles of existing members, by clicking the edit button:
Within a project you can also set a default role, which will be assigned to author of the project/subproject. This function is descried more in detail in our post Project management.
Assigning role through users profile.
Go to Administration >> Users , or Global menu >> Users . Find the user and click edit.
On the projects tab, you select a project and assign/edit a role this way.
