Home » Blogs » Keith Casey's blog
dotProject Permissions 201
Tags: 
Date: 5 June, 2006 - 12:45

After many recent threads about permissions "errors" in the dotProject forums, I've decided to describe one set of permissions here. This is not all of the permissions in effect here at CaseySoftware, but it is the main set used throughout daily usage. If you have questions, feel free to post them below.

Role: Project Worker
Non-Admin Modules - Allow - Access, Add, Delete, Edit, View
Companies - Deny - Access, Add, Delete, Edit, View
Reports - Allow - Access, Add, Delete, Edit, View

Explanation: This gives access for a User to do anything they want on any of the non-admin modules *except* for Company. But since all of my Projects are assigned to a company, they can't actually see anything other than the navigation menu and empty screens.

Test Results: I just created a new User with *only* this Role. The only Nav options visible are Projects, Tasks, Calendar, Files, Contacts, SmartSearch, Links, Reports. Under each, there is no data visible other than information not associated with any Company... for example, some of the Contacts.

Now, I got back and add the following permissions to this user:
Companies - CaseySoftware, LLC - Allow - Access, View

The User can now view all the information associated with my Company. This includes all of its Projects, Files, Contacts, etc. This user could even create new projects if they wanted, but only for this Company.

Now, since this is a ficticious contractor user, I add the following permissions:

Companies - Acme Anvil Corporation - Allow - Access, View

The User can now view all the information associated with this additional Company. Everything they could do/see for CaseySoftware, LLC now applies here too. Now, if they were working on this company's projects, they could log time against tasks, whatever.

Now let's say I have a single Project within CaseySoftware, LLC that the person shouldn't see, so I add these permissions:

Projects - Secret Anvil Development - Deny - Access, View, Add, Edit, Delete

This prevents the User from seeing *anything* involved with this project. No Tasks, no Files, no Calendar Events.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Defualt User Permissions

Submitted by Sohail Iqbal (not verified) on 15 September, 2006 - 11:02.

Hi,

I want to setup default security rules (for all new team members) as:
• Should NOT have access to ANY Company
• Should NOT have access to ANY Company Contact
• Should NOT have access to ANY Project
• Should NOT be able to create new Projects

So I can explicitly define, on what projects the user has access

Can you help me?

Default Permissons

Submitted by Keith Casey on 16 September, 2006 - 09:42.

Well, whenever a new user is created, they don't have any permissions (Roles) by default. Therefore, your first three points should be handled automatically.

To expand from there, you'd have to grant project-specific permission to each user.

I still cannot set permission for forums

Submitted by Komjak (not verified) on 25 October, 2007 - 00:26.

I do exactly what you told...
But the forum still doesn't work becuase
my client still see other forums that not related to his company/project.

Anyway, Thank you for your guideline.

Cheers,

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <br> <img> <p>
  • Lines and paragraphs break automatically.

More information about formatting options

User login

Syndicate

Syndicate content

This is not the home of dotProject. It is the home of CaseySoftware, LLC. Any dotProject support questions should be referred to their support forums.

Recent comments

Ads

Text Link Ads Directory of Computers/Tech Blogs