RedmineRoles » History » Version 23
Hinako Tajima, 2017-12-18 09:26
1 | 1 | Jean-Philippe Lang | h1. Roles & permissions |
---|---|---|---|
2 | |||
3 | 12 | Dave Clements | Roles lets you define the permissions that the members have on a [[RedmineProjects|project]]. Each member of a project has one or multiples Role(s) for the project. A user can have different roles for different projects. |
4 | 1 | Jean-Philippe Lang | |
5 | You can create new roles or edit existing ones. You can delete a role only if nobody has this role on a project. |
||
6 | |||
7 | h2. Roles properties |
||
8 | |||
9 | * *Name*: display name of the role |
||
10 | 2 | Jean-Philippe Lang | * *Issues can be assigned to this role*: if unchecked, issues can not be assigned to members with this role on a project. |
11 | 15 | Etienne Massip | * *Issues visibility*: assuming that this role includes the ??View Issues?? permission, the following rules apply to the issues of the projects the user is tied to through it: |
12 | 16 | Go MAEDA | ** _All issues_ : the user can see all issues. |
13 | ** _All non private issues_: the user can see all issues which are not marked as private. This is the default. |
||
14 | 15 | Etienne Massip | ** _Issues created by or assigned to the user_: the user can only see issues created by or assigned to her/him. |
15 | 23 | Hinako Tajima | * *Time logs visibility*: assuming that this role includes the ??View spent time?? permission, the following rules apply to the issues of time logs the user is tied to through it: |
16 | 22 | Hinako Tajima | ** _All time entries_ : the user can see all time logs.This is the default. |
17 | ** _Time entries created by the user_ : the user can only see time logs created by or assigned to her/him. |
||
18 | * *Users visibility*: the user can select the range of other users who can see time logs. It influences list of users in watcher selection screen and propriety of profile page appearance. |
||
19 | 23 | Hinako Tajima | ** _All active users_ : the user can see all users information who is registered in Redmine.This is the default. |
20 | ** _Members of visible projects_ : the user can only see users information who is a member of the project. |
||
21 | 1 | Jean-Philippe Lang | |
22 | 5 | Jean-Philippe Lang | h2. Permissions |
23 | 1 | Jean-Philippe Lang | |
24 | When editing a role, you can define its permissions by checking/unchecking the different actions. |
||
25 | |||
26 | 4 | Jean-Philippe Lang | |_. Permission|_. Description| |
27 | |\2. *_Project permissions_*| |
||
28 | |Create project|Allow non-admin users to create a root project |
||
29 | 13 | Graham King | You can specify which role will be automatically given to a non-admin user who creates a project (see [[RedmineSettings#Projects]])| |
30 | 4 | Jean-Philippe Lang | |Edit project|Allow user to edit project properties| |
31 | 20 | Go MAEDA | |Close / reopen the project | Allow user to close / reopen projects | |
32 | 4 | Jean-Philippe Lang | |Select project modules|Allow user to enable/disable project modules (such as issues tracking, wiki, repository...)| |
33 | |Manage members|Allow user to add/remove project members or change the roles of existing members| |
||
34 | |Manage versions|Allow user to add/edit/delete project versions| |
||
35 | |Create subprojects|Allow user to add subprojects to the project| |
||
36 | 20 | Go MAEDA | |Manage public queries|Allow user to save/edit/delete public queries| |
37 | 21 | Go MAEDA | |Save queries|Allow user to save/edit/delete their private queries| |
38 | 4 | Jean-Philippe Lang | |\2. *_Boards permissions_*| |
39 | |Manage boards|Allow user to add/edit/delete project forums| |
||
40 | |Post messages|Allow user to post new topics in forums| |
||
41 | 8 | Mischa The Evil | |Edit messages|Allow user to edit any message and to remove any message attachments| |
42 | 4 | Jean-Philippe Lang | |Edit own messages|Allow user to edit its own messages only| |
43 | |Delete messages|Allow user to delete any topic or reply| |
||
44 | |Delete own messages|Allow user to delete its own topics or replies| |
||
45 | |\2. *_Documents permissions_*| |
||
46 | 17 | Go MAEDA | |Add documents|Allow user to add project documents| |
47 | |Edit documents|Allow user to edit project documents| |
||
48 | |Delete documents|Allow user to delete project documents| |
||
49 | 4 | Jean-Philippe Lang | |View documents|Allow user to view documents| |
50 | |\2. *_Files permissions_*| |
||
51 | |Manage files|Allow user to add/edit/delete project files under the Files section| |
||
52 | |View files|Allow user to view files| |
||
53 | |\2. *_Issue tracking_*| |
||
54 | |Manage issue categories|Allow user to add/edit/delete issue categories| |
||
55 | |View Issues|Allow user to view project issues| |
||
56 | |Add issues|Allow user to create new issues| |
||
57 | |Edit issues|Allow user to fully edit existing issues| |
||
58 | 18 | Go MAEDA | |Copy issues|Allow user to copy existing issues| |
59 | 7 | Mischa The Evil | |Manage issue relations|Allow user to add/remove relations between issues| |
60 | |Manage subtasks|Allow user to add/remove subtasks to issues| |
||
61 | 4 | Jean-Philippe Lang | |Add notes|Allow user to add comments to existing issues| |
62 | |Edit notes|Allow user to edit any issue comment| |
||
63 | |Edit own notes|Allow user to edit its own comments only| |
||
64 | |Delete issues|Allow user to delete issues| |
||
65 | |Manage public queries|Allow user to add/edit/delete issue queries that are visible by all users| |
||
66 | |Save queries|Allow user to save its own issue queries| |
||
67 | |View gantt chart|Allow user to view the gantt chart| |
||
68 | |View calendar|Allow user to view the calendar| |
||
69 | |View watchers list|Allow user to see who is watching an issue| |
||
70 | 1 | Jean-Philippe Lang | |Add watchers|Allow user to add other users as watchers of an issue| |
71 | |Delete watchers|Allow user to remove watchers of an issue| |
||
72 | 5 | Jean-Philippe Lang | |\2. *_News permissions_*| |
73 | |Manage news|Allow user to add/edit/delete project news| |
||
74 | |Comment news|Allow user to add comments to news| |
||
75 | |\2. *_Repository permissions_*| |
||
76 | |Manage repository|Allow user to configure the project repository| |
||
77 | |Browse repository|Allow user to browse and view the content of the project repository| |
||
78 | 14 | Mischa The Evil | |View changesets|Allow user to view the changesets| |
79 | 5 | Jean-Philippe Lang | |Commit access|Used by Redmine.pm to give write access to the project repository |
80 | See [[Repositories_access_control_with_apache_mod_dav_svn_and_mod_perl]]| |
||
81 | |\2. *_Time tracking permissions_*| |
||
82 | |Log spent time|Allow user to log time on the project| |
||
83 | |View spent time|Allow user to view the time logs on the project| |
||
84 | |Edit time logs|Allow user to edit any time log| |
||
85 | |Edit own time logs|Allow user to edit its own time logs only| |
||
86 | |Manage project activities|Allow user add/edit/delete activities| |
||
87 | |\2. *_Wiki permissions_*| |
||
88 | |Manage wiki|Allow user to create or delete the project wiki |
||
89 | 11 | Tharuka Pathirana | Deleting a wiki is an *irreversible* operation, it deletes all pages, their history and all attached files!| |
90 | 5 | Jean-Philippe Lang | |Rename wiki pages|Allow user to rename existing wiki page or assign wiki pages to a parent page| |
91 | |Delete wiki pages|Allow user to delete wiki pages |
||
92 | Deleting a wiki page is an *irreversible* operation, the page and all its history are deleted!| |
||
93 | 1 | Jean-Philippe Lang | |View wiki|Allow user to view the wiki| |
94 | 7 | Mischa The Evil | |Export wiki pages|Allow user to export wiki pages to various formats (pdf, html, ...)| |
95 | 5 | Jean-Philippe Lang | |View wiki history|Allow user to view older versions of the wiki pages, and diff between versions| |
96 | |Edit wiki pages|Allow user to edit unprotected wiki pages| |
||
97 | |Delete attachments|Allow user to delete existing wiki page attachments| |
||
98 | |Protect wiki pages|Allow user to lock/unlock wiki pages, and edit locked pages| |
||
99 | 4 | Jean-Philippe Lang | |
100 | 1 | Jean-Philippe Lang | h2. System roles |
101 | |||
102 | 13 | Graham King | There are two system roles in Redmine: 'Non member' and 'Anonymous'. They are internally used by Redmine and thus can not be deleted. |
103 | 1 | Jean-Philippe Lang | |
104 | * *Non member*: this role lets you define the permissions that a registered user has on projects which he is not a member of. |
||
105 | * *Anonymous*: this role lets you define the permissions that anonymous users have on the projects. |
||
106 | |||
107 | 13 | Graham King | Note that these two roles only apply to public projects since anonymous users and users who are not a member of a private project can not even see it. |
108 | 6 | Jean-Philippe Lang | |
109 | 9 | Glenn Gould | As a consequence of the fact, that anonymous and non member roles can not be assigned to a specific user or group, but are assigned automatically, the permissions of these roles are global for a given Redmine installation. To be more concrete: You can create different developer-roles (reporter1,reporter2,...) with slightly different permissions to fit specific needs of specific projects. However: you cannot adapt anonymous and non member roles in a way, that non-members are allowed to create board-messages in one project, but are forbidden to do so in another project. |
110 | |||
111 | 10 | Glenn Gould | Some permissions can not be given to these roles. For example, the 'Manage members' permission can not be given to non member or anonymous users. |