Defect #16661
openDifferent users sharing same role have rights in projects in which user is not a member
0%
Description
Since different projects have different project managers and development managers. Providing admin rights to such users create confusion and a threat to redmine integrity.
In my organisation, we are using Redmine for different projects, so different users can have same role. Due to this an user in one project get same rights as that of other user in another project. Somehow I can manage this situation by making project as private but there is a need to see issues of other projects in order to get information from those trackers.
Don't we need a logic for assigning roles permissions based on project instead of globally. Here Administrator should be able to set Roles permission in project itself and of course local admin for each project.
Related issues
Updated by Martin Denizet (redmine.org team member) over 10 years ago
As discussed is this forum thread, the current Permissions/Roles/Groups allow to do that.
In Redmine Administrator has a global meaning. You can create a "Project Administrator" role with all permissions and give it to users on a per project basis.
Updated by Lajish Lakshmanan over 10 years ago
Martin Denizet wrote:
As discussed is this forum thread, the current Permissions/Roles/Groups allow to do that.
In Redmine Administrator has a global meaning. You can create a "Project Administrator" role with all permissions and give it to users on a per project basis.
Hi Martin,
You are right, there should be some granularity for assigning permissions for roles on project basis instead of global basis.
But in my organization, we have a group of developers and testers in which different users work in different projects. Sometimes circumstance arouse when 1-2 developers or testers are borrowed for some man hours to other projects based on specific requirement. At this time, it is not possible to manage their rights on basis of project. Moreover it is not possible to create a too many groups such as Developer1, Developer2....and so on. I think you can understand my situation.
Updated by Toshi MARUYAMA over 10 years ago
- Related to Feature #850: Per-project role permissions added
Updated by Toshi MARUYAMA over 10 years ago
- Has duplicate Defect #17213: A redmine user can raise/create a tracker even though he/she is not a member of project added