Knowledge Base

High-level overview of how granting permissions works

By Carmen posted 01-12-2016 11:20

  
Permissions may be granted by System Admins and Organization Admins by default. If authorized by System Admins, Project Managers may grant them as well.

Note that hosted customers do not have access to the Jama Software System Administration console.

Permission levels (granted by Org. Administrators via Admin > Permissions)
  • Administrator: Access to the Admin Panel. Grants the user the ability to delegate organization permissions. Grants permissions to users and groups.
  • Manage Project: Allows user to manage a particular project via Project > Configure Project > Configure Project.
  • Project Create/Edit: Grants the user the ability to create and edit items within projects in the Organization.
  • Project Read: Grants read access to projects in the organization.
  • Review Center Administrator: Grants the user the ability to manage reviews.
  • Reuse Administrator: Grants the user the ability to create/edit/delete reuse rules.

Where possible, user group permissions should be set at the project level, or at one or two top-level components or sets. By default, all lower levels will inherit those permissions. 

Exceptions to lower level permissions occur in folders and previously overridden items. You can read more about how folder's permissions work  here

You can override inherited permissions on any container: project, component, set or folder.

As groups permissions are modified with the override, it is possible for a container to be hidden to Groups or Users by not granting it Read permissions.
This also means that an Organization Admin may not be an Administrator of a project where inheritance has been overridden.

We recommend avoiding setting permissions too deep in the Project Tree since breaking inheritance too much will make permissions management needlessly complicated.

To confirm if permissions are inherited from top-level containers view the Inherited column, under System Admin (root) view > Permissions or Organization Admin > Permissions.

Admin > Permissions

You can always remove an override, under the Permission > Actions column. That will re-apply the inherited permissions.

In case permissions have been granted only to that particular project's location, the inheritance is always set as FALSE and the Remove option will clear the Group or User from that container.

False/white vs True/green
Org. Administration permissions can be granted both by other Org. Administrators, from the Admin Panel > Permissions > Select Org. name > Add Permissions, and by System Administrators (root user) under Jama Software System Administration view > Permissions.



 Users can be assigned to one or more groups that may contain conflicting permissions. In this situation, the highest level of access available will be applied to the user or group.

Permissions and Licenses

User's permissions must be aligned to the license type applied in order to work correctly.

Test center and Releases

Permissions for creating Test Plans require Create/Edit permissions to the entire project. 

Releases can be managed by users with Manage Project permissions as well as Organization Admins. 

Permissions and Relationships trace 


 



#administration
2 comments
144 views

Comments

10-20-2016 21:04

Bhargav,

Permissions should function the same in the API as they do the GUI.

10-18-2016 20:48

Dear Carmen:

Does all of this is still valid and correct even when user access using REST API?

Bhargav