We are running permissions re-ordering. Moving teams to smaller groups in order to achieve it, and I created three groups as well:
Reporter
Developer
Maintainer
For users under developer rank, the button Clear Runner Caches has gone missing. How can I allow every user to execute this option?
Screenshot:
It's currently available only for maintainers and owners roles.
Nevertheless, there's an open ticket to allow developers to execute this command as well.
Refer: GitLab Issue
Related
We are using Azure Devops with our team, we want to have a space were other colleagues out of our team can add ideas about future project.
We created a specific Backlog "Wishlist" and give to some users a StakeHolder account. We added them to the members of this backlog.
We want them to be able to create ticket, but not to edit them (no delete, no chamgement of state ...)
Our team that have admin rights will be able to operate those work items (accepted, rejected, Active and Close)
I look for a solution to restrict those user from editing but was not able to found a successful way to do it.
-In Rules, We couldn't specify those specific rule about work Item edition
-In Project Settings / Permissions / Wishlist
we don't have any permision linked to the Work Items
-In Project Settings / Project Configuration / Areas / Wishlist / Security
We can set for specific users "Edit Work Items in this node" to Deny, but they will not be able to create Work items
If someone have an idea about how to deal with this request, it will be highly appreciated.
Thank you
Sorry, it's not able to do this right now.
A user needs to have the Edit work items in this node permission for some Area and Iteration path to create a work item.
There is no sperate permission for either creating or editing work item. This is by designed.
We're running Jira 7.7.0 and Confluence 6.0.4
Our team is split into 2nd level support and 3rd level (us).
PROBLEM:
We would like to let 2nd level to do as much admin support as possible with as few permissions as needed.
1. The software offers for Core two admin groups, but both offer too many admin rights (Jira Administrators / Jira System Administrators)
2. Confluence has 2 groups Admins and users
DETAIL:
None of the global permissions of either permit, that we allow a group to
- Add Spaces
- Add projects
- Add users
- Add groups
but keep them otherwise out of all the rest
DESIRED
A way to have a super user be able to not just manage >existing<, but also add the entities mentioned above.
OPTIONS?
A) A plugin that enhances users to be "a bit" Administrator, BUT with ADDING feature (this does not seem to exists)
B) A plugin that hides the menu items, but would technically still enable the users to execute the tasks if a URL was known
QUESTION
- Does anyone have a hint on what plugin could manage this? Either permission or menu hiding?
- Is there a way to trick configuration to achieve this (I assume not)
Many thanks!
Carsten
There is an addon called Delegated Project Creator for Jira that address your request. To get it, search for it in the marketplace under "administration".
On the other hand you can tweak the UI of both apps to control access to options using Jquery. The addon Script Runner for JIRA has some options for this.
Currently i generated excel file from TFS 2013.
I want to disable editing this file for some specific users.
I tried to add these users in the group Reader only, but they can modify the excel file then publish it.
On the other side, i want to give them the ability to refresh the excel file and get the latest status.
By "publish" I assume you mean the Check In permission. Readers don't have an explicit Deny on Check In by default, so you may find that people who can still Check In are members of another group with permissions. The usual group being the Contributors group.
To force the matter you can go to the file in question in Source Control Explorer, right click it and select Advanced -> Security and then explicitly set the Reader group to Deny for the Check In right.
I assume that you mean "publishing work items". If you do then people in the readers group will not be able to publish unless they also have contributed rights. So while they can click "publish" they will not be able to make changes on TFS, and they will be able to refresh.
We have a project administrator for a collection of projects on TFS Online. We recently hired so he had to add the guy as a new member into the team.
However he cannot see one specific project we have, even with identical permissions as the other users. His account was created in the same way as the others.
Trying to help the guy out here I offered to try a few things and noticed, If I create a new project as a test. "Test1", and add him as a member, he can see this account fine when he logs in to TFS Online/Connects on Visual Studio.
Which leads me to believe that it's based on some visibility setting within TFS, even though the other members linked to the project can see it fine.
Any possible ideas for me to try?
You need to try and trace his effective permissions. It sounds like there is a denied somewhere.
If you open the admin for that team project and goto the security tab there is a box to add the users account. You should then see the effective permission on the right and he should have and Alowed in the "View project level information" permission.
If he does bot you can roll your mouse over it and click the "why" button and you will see where the overide is coming from.
I spent a lot of time to find out a really working solution for this problem. I read all the documents, blogs, forums and etc about this, but nothing worked. Let's go straightly to the question.
I'm using BitNami Redmine Stack, and I wanted to prepare a totally free helpdesk on redmine. As you know, redmine can originally create issue by email (in my case Gmail). Someone (let's say a customer) sends an email to redmine stack and declares an issue that need to be fixed by the support team. Then support team could see all the issues reported by customers and begin the fixing workflow. This way the customer will be informed about the updates for tissue and how the process is going forward
I used this article originally to solve the problem, but I changed some parts as needed. Here are the steps:
1. Create the Customer role and set the permissions
Sign in to Redmine as Administrator and go to the Administration > Roles and permissions > New role. Name it Customer, uncheck "Issues can be assigned to this role" and for Issue visibility select "Issues created by or assigned to the user".
Now in permission section, check the Issue tracking > Add Issue.
2. Create Redmine User for issues creation
Go to Administration > Users > New user and create an account, use the email of the customer here. Then go back to "Users", choose the user, go to Projects tab. In the "New project" panel, select the project, check the Customer role and click add.
3. You need a Gmail account for Redmine
Customers will send their mails to this Gmail address (let's call it redmine.YourCompanyName#gmail.com). Then we fetch mails and create issues in Redmine. So, go to Gmail settings and enable IMAP (cause we use IMAP)
4. Get the CACert.pem
Get the cacert.pem file from here and put it somewhere inside Redmine installation folder (I put it inside "C:\BitNami\redmine-2.3.1-1\apps\redmine\htdocs\cert.pem").
5. Now the script to fetch mails and create issues
Go to the directory that Redmine is installed. Then go to apps > redmine > htdocs (mine is "C:\BitNami\redmine-2.3.1-1\apps\redmine\htdocs\"), hold Shift key, right click and select "Open command window here". Now run this script in command window:
rake redmine:email:receive_imap unknown_user=accept no_permission_check=1 RAILS_ENV="production" host=imap.gmail.com port=993 username=redmine.YourCompanyName#gmail.com password=YourGmailPassword ssl=1 project=YourProject
set SSL_CERT_FILE=C:\BitNami\redmine-2.3.1-1\apps\redmine\htdocs\cert.pem
This script fetches mails in your Gmail account (redmine.YourCompanyName#gmail.com) and creates issues in Redmine. You may run this script periodically, so you could do it manually or create a job for it (i.e. a task in Task Scheduler)